Bangkok Airways hit by LockBit ransomware attack, loses lotsa data after refusing to pay

Partial credit card numbers appear and, worse still, passengers' meal preferences


Bangkok Airways has revealed it was the victim of a cyberattack from ransomware group LockBit on August 23rd, resulting in the publishing of stolen data.

Bangkok Airways' announcement about the matter came last Thursday, a day after LockBit posted a message on its dark web portal threatening the airline to pay a ransom or suffer a data leak.

The airline was given five days to sort payment, but instead of coughing up it disclosed the breach. LockBit responded by publishing the lot. Competing claims about the resulting data dump rate it at 103GB and over 200GB.

The data mostly contained business-related documents, but there was some passenger personal data in the mix. The personal data may have included names, nationalities, gender, phone number, email, address, passport information, travel history, partial credit card numbers and even meal preferences.

The Thai regional carrier said no operational or aeronautical security systems were impacted.

The airline said it is investigating the incident and has informed law enforcement agencies and customers. The latter group was advised to beware of scammers – especially anyone posing as Bangkok Airways asking for information like credit card details.

"For primary prevention measures, the company highly recommends passengers to contact their bank or credit card provider and follow their advice and change any compromised passwords as soon as possible," reads the company's canned statement.

LockBit mostly targets organizations like enterprises and governments that will be disrupted enough by ransomware that paying up is the easy way out.

Earlier this month the gang hit outsourcing and accounting firm Accenture. Rumors swirled that the cybercrims demanded $50 million in cryptocurrency from the consulting MNC. The deadline was continually moved forward until Accenture concluded the stolen data was not significant.

Another LockBit target was UK train operator Merseyrail, which fell victim in April 2021. Trains continued to run on time, but the criminals got bragging rights after reportedly pwning a company director's Office 365 account and using it to email employees and journalists about their achievement. ®

Similar topics


Other stories you might like

  • Ubuntu 21.10: Plan to do yourself an Indri? Here's what's inside... including a bit of GNOME schooling

    Plus: Rounded corners make GNOME 40 look like Windows 11

    Review Canonical has released Ubuntu 21.10, or "Impish Indri" as this one is known. This is the last major version before next year's long-term support release of Ubuntu 22.04, and serves as a good preview of some of the changes coming for those who stick with LTS releases.

    If you prefer to run the latest and greatest, 21.10 is a solid release with a new kernel, a major GNOME update, and some theming changes. As a short-term support release, Ubuntu 21.10 will be supported for nine months, which covers you until July 2022, by which point 22.04 will already be out.

    Continue reading
  • Heart FM's borkfast show – a fine way to start your day

    Jamie and Amanda have a new co-presenter to contend with

    There can be few things worse than Microsoft Windows elbowing itself into a presenting partnership, as seen in this digital signage for the Heart breakfast show.

    For those unfamiliar with the station, Heart is a UK national broadcaster with Global as its parent. It currently consists of a dozen or so regional stations with a number of shows broadcast nationally. Including a perky breakfast show featuring former Live and Kicking presenter Jamie Theakston and Britain's Got Talent judge, Amanda Holden.

    Continue reading
  • Think your phone is snooping on you? Hold my beer, says basic physics

    Information wants to be free, and it's making its escape

    Opinion Forget the Singularity. That modern myth where AI learns to improve itself in an exponential feedback loop towards evil godhood ain't gonna happen. Spacetime itself sets hard limits on how fast information can be gathered and processed, no matter how clever you are.

    What we should expect in its place is the robot panopticon, a relatively dumb system with near-divine powers of perception. That's something the same laws of physics that prevent the Godbot practically guarantee. The latest foreshadowing of mankind's fate? The Ethernet cable.

    By itself, last week's story of a researcher picking up and decoding the unintended wireless emissions of an Ethernet cable is mildly interesting. It was the most labby of lab-based demos, with every possible tweak applied to maximise the chances of it working. It's not even as if it's a new discovery. The effect and its security implications have been known since the Second World War, when Bell Labs demonstrated to the US Army that a wired teleprinter encoder called SIGTOT was vulnerable. It could be monitored at a distance and the unencrypted messages extracted by the radio pulses it gave off in operation.

    Continue reading

Biting the hand that feeds IT © 1998–2021