Gulf Air, the national air carrier for the Kingdom of Bahrain, has confirmed suffering a data breach which most likely resulted in hackers stealing sensitive customer information.
The company confirmed the news via a press release shared with local media highlighting a “data breach incident” on November 24, possibly resulting in the compromise of “some information from its email and client database” due to unauthorized access.
The notification says nothing about the nature of the incident, so it’s still not known if this is a ransomware attack or if the threat actor abused any of the currently popular vulnerabilities in MOVEit, Citrix Bleed or similar to deploy information-stealing malware to company endpoints.
Extortion attempts and class-action lawsuits
“Necessary contingency plans were instantly activated to contain the incident,” the company added.
While the cyberattack did result in data theft, operations and critical systems were “unaffected and remain fully intact without any disruptions to its flight schedules,” Gulf Air said, which typically rules out a ransomware attack. Unauthorized access via phishing or social engineering is still possible, though.
“The relevant authorities have been notified and Gulf Air is working with them to investigate the matter thoroughly,” the air carrier concluded. “Gulf Air takes such matters extremely seriously and regrets any inconvenience this incident may cause to its valued customers,” it added.
Data has become one of the hottest commodities in recent years, with hackers coming up with new and innovative ways to steal it almost daily. The majority of today’s active groups will try and exchange the data (and the promise of keeping it private) for money. Usually, only the groups calling themselves “hacktivists” would leak sensitive data without negotiations.
Data leaks are a major problem for companies, as they lead to business disruptions, loss of customer trust, regulatory fines, possible class-action lawsuits, and more.