daixin-ransomware-gang-steals-5-million-airasia-passengers’-and-employees’-data

Share news article

Share on facebook
Share on twitter
Share on linkedin
Share on email

Daixin Ransomware Gang Steals 5 Million AirAsia Passengers’ and Employees’ Data

The cybercrime group called Daixin Team has leaked sample data belonging to AirAsia, a Malaysian low-cost airline, on its data leak portal.

The development comes a little over a week after the company fell victim to a ransomware attack on November 11 and 12, per DataBreaches.net.

The threat actors allegedly claim to have obtained the personal data associated with five million unique passengers and all of its employees.

The samples uploaded to the leak site reveal passenger information and the booking IDs as well as personal data related to the company’s staff.

A spokesperson for the threat actor told DataBreaches.net that further attacks were not pursued owing to AirAsia’s poor security measures and “the chaotic organization of the network.”

Daixin Team was recently the subject of an advisory from the U.S. cybersecurity and intelligence agencies, which warned of attacks mainly aimed at the healthcare sector.

Other victims of the criminal group include Fitzgibbon Hospital, Trib Total Media, ista International GmbH, and OakBend Medical.

The Hacker News has reached out to AirAsia for comment and we will update the story if we hear back.


Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.

Related News

LastPass Discloses Second Breach in Three Months

LastPass Discloses Second Breach in Three Months

An attacker who breached the software development environment at LastPass this August and stole source code and other proprietary data…
Artifact Poisoning in GitHub Actions Imports Malware via Software Pipelines

Artifact Poisoning in GitHub Actions Imports Malware via Software Pipelines

An attacker submitting changes to an open source repository on GitHub could cause downstream software projects that include the latest…
One Year After Log4Shell, Most Firms Are Still Exposed to Attack

One Year After Log4Shell, Most Firms Are Still Exposed to Attack

The Log4j vulnerability continues to present a major threat to enterprise organizations one year after the Apache Software Foundation disclosed…