Bangkok Airways admits data breach

Date:
Wed, 01 Sep 2021 00:13:42 +0000

Description:
Bangkok Airways finds itself in a tough spot as it admits to losing sensitive information of customers.

FULL STORY ======================================================================

Thai regional airline Bangkok Airways has acknowledged it fell victim to a cybersecurity attack, which has robbed it off personally identifiable information (PII) of customers.

In a statement , the airline admitted that threat actors had managed to steal sensitive information about its passengers including their name, physical and electronic contact details, passport information, historical travel details, as well as partial credit card information.

On 23 August 2021, Bangkok Airways Public Company Limited discovered that the company had been a victim of [a] cybersecurity attack which resulted in unauthorized and unlawful access to its information system, the company
added. TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix
so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

Click here to start the survey in a new window << These are the best ransomware protection tools We've put together a list of the best data loss prevention services Shield yourself with these best identity theft protection services

The airline adds that when the incident came to light, the company took steps to contain the event, and is currently not just investigating the breach, but also trying to verify the compromised data and the affected passengers. Between a rock and hard place

The airline however hasnt specified the number of customers whose details
have been exfiltrated, as that aspect appears to be under investigation.

Strangely, even though it has acknowledged losing partial credit card
details, the company hasnt yet offered subscriptions to identity fraud prevention services , which companies usually do in cases of ransomware gangs getting their hands on such sensitive PII.

According to ZDNet , Bangkok Airways statement came just when the LockBit ransomware gang announced that it had laid its hands on 103 GB of compressed data from the campaign against the airline.

Originally the group had threatened to release the data on August 30 if its ransom demands werent met. However, there arent reports of the data being disclosed publicly, which probably means that the two parties are at the negotiating table.

Quentin Rhoads-Herrera, Director of Professional Services at Managed
Detection and Response ( MDR ) services provider, CriticalStart believes the airline is in a tight spot. Irrespective of whether it decides to pay the ransom or risk damaging its reputation, the company has to muddle through the murky waters of disclosure compliance.

It is up to Bangkok Airways to notify the customers impacted which might
cause complications due to customers residing in several different countries. Adding on top of that the different regulatory bodies like GDPR might require responses from the airways further adding complexity, suggests
Rhoads-Herrera. Protect your devices with these best antivirus software

Via ZDNet



======================================================================
Link to news story: https://www.techradar.com/news/bangkok-airways-admits-data-breach/


--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)