South Korean airline Korean Air has disclosed a knowledge breach exposing 30,000 worker information following a cyberattack on its former subsidiary and present catering provider, Korean Air Catering & Obligation-Free (KC&D).
KC&D was initially a division of the airline, but it surely spun off and was offered to a non-public fairness agency in 2020. Along with Korean Air, KC&D serves many different main airways from Asia and different elements of the world.
In keeping with Korea JoongAng Every day, KC&D not too long ago knowledgeable Korean Air that data belonging to the airline’s workers has been compromised.
Korean Air reportedly confirmed that hackers have stolen the data of roughly 30,000 of its present and former workers from KC&D, together with names and checking account numbers. Buyer information was not uncovered, the airline mentioned.
The disclosed incident is probably going associated to the current Oracle E-Enterprise Suite (EBS) marketing campaign, through which cybercriminals exploited EBS zero-day vulnerabilities to realize entry to information saved by greater than 100 organizations within the enterprise administration software program.
Whereas the marketing campaign is believed to have been carried out by a cluster of the FIN11 menace group, the Cl0p ransomware group has publicly taken credit score for the assault, naming victims on its Tor-based leak web site and publishing information stolen from organizations that refused to pay a ransom.
KC&D was added to the Cl0p leak web site on November 21, and the cybercriminals have since made public practically 500 GB of archives containing information allegedly stolen from the corporate.
The Oracle EBS marketing campaign has hit dozens of main organizations and KC&D will not be the one sufferer within the aviation business. American Airways subsidiary Envoy Air was among the many first confirmed victims. Commercial. Scroll to proceed studying.
Whereas a number of the organizations hit by the Oracle hack mentioned the information breach was restricted to worker data, others admitted that the private data of thousands and thousands of individuals was stolen from their techniques.
Information of the Korean Air information breach comes simply days after one other main South Korean airline, Asiana Airways, reported that the data of roughly 10,000 workers could have been stolen by hackers. There is no such thing as a indication that the Asiana cybersecurity incident is expounded to the Oracle EBS marketing campaign.
Associated: Auto Elements Large LKQ Confirms Oracle EBS Breach
Associated: Dartmouth School Confirms Information Theft in Oracle Hack
Associated: Canon Says Subsidiary Impacted by Oracle EBS Hack
