HQ/EMEAFind out how we can help your business
Kenya Airways, the flagship carrier of Kenya, currently faces a cybercriminal issue as the notorious Ransomexx ransomware group leaked a sample of their confidential files.
The airline, which plays a crucial role in connecting African nations to the rest of the globe, now suffers the aftermath of a targeted cyberattack that has exposed sensitive information, posing significant challenges to its operations and reputation.
The data leak allegedly started when Kenya Airways fell victim to a sophisticated cybercriminal attack by the Ransomexx group. These hackers are notorious for targeting various organisations worldwide.
The Ransomexx ransomware group exposed the files of Kenya Airways on their data leak website.
One of our iZOOlogic researchers noticed that the Ransomexx ransomware operators leaked the Kenya Airways files on their data leak website.
Our researchers stated that the files include sensitive information such as data linked to ‘passports’, ‘e-passports’, ‘passport applications’, and ‘RBS E passport appl.’ The exposed files also contain files relating to accidents, as such documents were named ‘Accident docs’, ‘Accident investigations’, ‘Accidents’, ‘Air Accident Investigations’, and ‘Investigation Reports.’
The most sensitive part of the data leak involves death-related files. According to our researchers, the published files included in the leak are ‘Death Announcements’, ‘Death Notification’, and ‘Staff Death’.
With the leaked information now in the public domain, the airline faces the deterring task of mitigating the fallout and protecting the interests of relevant individuals involved in the exposed files.
Kenya Airways has yet to address the leaked files or confirm its legitimacy. Hence, employees, stakeholders, authorities, and customers must wait for the airline company’s official statement.
iZOOlogic suggests that relevant parties potentially suffering from the alleged Kenya Airways attack should be wary of unwanted communications as the threat actors could use the stolen data to execute targeted phishing and fraud campaigns.
