"Bangkok Airways Apologizes for Passport Info Breach as LockBit Ransomware Group Threatens Data Leak"
Bangkok Airways issued a statement to its customers apologizing for a data breach involving their passport information and other personal data. According to the company, the cybersecurity incident occurred because of unauthorized and unlawful access to its information system on August 23. Bangkok Airways has not yet revealed how many customers were impacted by the breach or the timeframe from which the data came. However, an investigation of the incident did reveal that names, nationalities, genders, phone numbers, emails, addresses, contact information, historical travel information, partial credit card information, and more had been accessed in the cyberattack. According to the statement, the attackers were not able to impact Bangkok Airways' operational or aeronautical security systems. Passengers are urged to contact their bank or credit card providers for further advice and change compromised passwords immediately. Bangkok Airways' announcement coincided with a notice from the LockBit ransomware group claiming that it was planning to leak 103 GB of compressed files stolen from the company. Members of the LockBit group are actively exploiting vulnerabilities contained by Fortinet FortiOS and FortiProxy products to gain initial access to specific victim networks. The group largely targets commercial and professional services, as well as the transportation sector. This article continues to discuss the data breach faced by Bangkok Airways and key findings surrounding the LockBit ransomware group.