Bangkok Airways has revealed it had become the victim of a cyberattack from ransomware group LockBit.
The incident is the latest in a litany of similar cyber-attacks on both private and public enterprises this year, with high profile targets including Colonial Pipeline; meat producer JBS; Toshiba; Axa Insurance; CNA Insurance; and the Irish Health Service.
In a statement, Bangkok Airways said that on 23 August 2021, it discovered that the company had been a victim of cybersecurity attack which resulted in unauthorized and unlawful access to its information system.
Upon such discovery, the company added that it immediately acted to investigate and contain the event, with the assistance of a cybersecurity team.
Currently, the company is investigating to verify the compromised data and the affected passengers as well as taking relevant measures to strengthen its IT system:
“An initial investigation of the incident appeared to confirm that some of the personal data may have been accessed which are, passenger name, family name, nationality, gender, phone number, email, address, contact information, passport information, historical travel information, partial credit card information, and special meal information.”
“The company however, confirms that the incident did not affect the company’s operational or aeronautical security systems.”
“This incident has been reported to the Royal Thai police as well as providing notification to the relevant authorities.”
This is not the first time that LockBit has been in the news. Earlier this month the gang targeted Accenture, which said that it had “immediately contained the matter and isolated the affected servers” and that “there was no impact on Accenture’s operations, or on our clients’ systems”.