Confidential information allegedly obtained dubiously from Kenya Airways (KQ) digital systems has been leaked online.
A notorious group of organized hackers named Ransomexx teased the internet with some sample data they had obtained from a ransomware attack they allegedly carried out on December 30, 2023.
The breached data includes details about the airline’s past passengers, staffing efforts and research activities. Passport applications, accident reports, death records and airline plans were among the mix. Some of these files have reportedly been maliciously leaked onto the Dark Web.
KQ, Africa’s largest and second most efficient airline, flies to 42 destinations worldwide and carries more than 4 million people every year. Part-owned by the Kenyan government, it serves at least 35 destinations in Africa after overtaking Ethiopian Airlines as the continent’s top carrier.
The airline is yet to issue a statement on the development. However, from the filings so far, Ransomexx has gotten its hands on an alarming amount of internal data, not excluding login portal passwords, personal information of top government officials, and signed business contracts.
One of the newest ransomware gangs on the block, Ransomexx became known in 2020 following a cyber attack on several high-profile organizations including Starhub, Digicel, FerrariGigabyte, SeaDoo and Linux.
However, since it actually happened, the event does not do it in isolation. In March 2023, the Kenya Airports Authority (KAA) admitted a breach by a hacking group known as Medusa. Procurement plans, physical plans, field surveys, invoices and receipts were leaked in the process.
According to Liquid Intelligent Technologies pan-African cyber security report, cyber attacks on Kenyan businesses increased by 82%. in the third quarter of 2022, with a record 860 million incidents.
It is recalled that in December 2023, the Central Bank of Lesotho suffered a cyber attack that took its national payment system offline for 5 days.
This is a developing story.