Confidential information allegedly obtained dubiously from the digital systems of Kenya Airways (KQ) has been leaked online.
A notorious group of organized hackers going by the name Ransomexx teased the internet with some data samples they had obtained from a ransomware attack they supposedly carried out on December 30th, 2023.
The compromised data comprises details about the airline's past passengers, staffing efforts, and investigative activities. Passport applications, accident reports, death records, and plans for the carrier were among the mix. Reportedly, some of these files have with malicious intent been leaked on the Dark Web.
KQ, which is Africa's largest and second most efficient airline, flies to 42 destinations globally and transports more than 4 million people every year. Owned partly by the Kenyan government, it covers at least 35 destinations in Africa, since overtaking Ethiopian Airlines as the continent's top flyer.
The airline is yet to release a statement on the development. But, from the submissions so far, Ransomexx has gotten its hands on a worrying volume of internal data, not excluding portal login passwords, personal info of top government officials, and signed business contracts.
One of the newest ransomware gangs on the block, Ransomexx became prominent in 2020 after cyber-attacking a variety of high-profile organizations, including Starhub, Digicel, Ferrari, Gigabyte, SeaDoo, and Linux.
Nonetheless, provided it indeed occurred, the event is not doing so in isolation. In March 2023, the Kenya Airports Authority (KAA) admitted to a breach from a hacking group known as Medusa. Procurement plans, physical plans, site surveys, invoices, and receipts were leaked in the process.
According to Liquid Intelligent Technologies' pan-African cybersecurity report, cyberattacks on Kenyan businesses surged by 82 percent in the third quarter of 2022, with a record-breaking 860 million incidents.
Recall that in December 2023, the Central Bank of Lesotho was hit with a cyberattack that took its national payments system offline for 5 days.
This is a developing story.