The airlines apologize for passport info breach as LockBit ransomware group threatens data leak
Bangkok Airways has apologized for a data breach in which passport information and other personal data of its customers were exposed.
The airlines discovered the cybersecurity attack which resulted in unauthorized and unlawful access to its information system on August 23.
The company hasn’t revealed how many customers were involved in the breach or what timeframe the data came from. However, they stated that in an investigation it was found that the names, nationalities, genders, phone numbers, emails, addresses, contact information, passport information, historical travel information, partial credit card information and special meal information for passengers of the airline had been accessed.
The company is still conducting an investigation into the attack and is working on strengthening its IT system as it identifies potential victims.
The hackers could not manage to affect Bangkok Airways’ operational or aeronautical security systems, and they have notified the Royal Thai police.
As a precautionary measure, the company recommends all the passengers to contact their bank or credit card provider and follow their advice and change any compromised passwords as soon as possible.
Besides the company would like to caution passengers to be aware of any suspicious or unsolicited calls and/or emails, as the attacker may be claiming to be Bangkok Airways and try to perform phishing attacks.
The customers are requested to contact the police or take legal action if they get any notices purporting to be from Bangkok Airways asking for credit card details or other information.
The announcement coincided with a notice from the LockBit ransomware group stating that they were planning to release 103 GB of compressed files on August 30 that it claimed was stolen from Bangkok Airways.
Those who believe they may have been affected by the attack are urged to contact infosecurity@bangkokair.com for more information.