Gulf Air, the national carrier for the Kingdom of Bahrain, has confirmed a data breach that most likely resulted in hackers stealing sensitive customer information.
The company confirmed the news via a press release shared with local media, highlighting a “data breach incident” on November 24, possibly resulting in the compromise of “certain email and customer database information” due to unauthorized access.
The notification doesn’t say anything about the nature of the incident, so it’s still unknown if this is a ransomware attack or if the threat actor has exploited one of the currently popular vulnerabilities in MOVEit, Citrix Bleed, or the like to deploy information-stealing malware on corporate endpoints to place. .
Extortion attempts and class action lawsuits
“The necessary contingency plans were immediately activated to contain the incident,” the company added.
Although the cyberattack resulted in data theft, operations and critical systems “remained unaffected and remain fully intact without any disruption to flight schedules,” Gulf Air said, which generally rules out a ransomware attack. However, unauthorized access via phishing or social engineering is still possible.
“The relevant authorities have been notified and Gulf Air is working with them to thoroughly investigate the matter,” the airline concluded. “Gulf Air takes such matters very seriously and regrets any inconvenience this incident may cause to its valued customers,” it added. .
Data has become one of the hottest commodities in recent years, with hackers coming up with new and innovative ways to steal it almost every day. The majority of currently active groups will attempt to exchange the data (and the promise to keep it private) for money. Typically, only the groups calling themselves “hacktivists” would leak sensitive data without negotiation.
Data breaches are a major problem for companies because they lead to business interruption, loss of customer trust, fines from regulators, potential class action lawsuits and more.