Daixin Team claims responsibility for AirAsia ransomware attack

Share post:

Daixin Team, a cybercrime group, has made public new data belonging to AirAsia, a Malaysian low-cost airline, on its data leak portal, just over a week after the company was hit by a ransomware attack on November 11 and 12.

The threat actors allegedly claim to have obtained personal information on five million unique passengers as well as all of the airline’s employees.

The Daixin Team has provided two spreadsheets that seem to to contain personal information from airline passengers and employees, such as date of birth, country of birth, where that person is from, when employed for employees, and the “secret question and answer” used to secure accounts.

According to the group, it shared a sample of the data with AirAsia after encrypting its database and demanding an undisclosed fee to unlock it and explain how it gained access to the network. It went on to say that the lack of organization on AirAsia Group’s network saved the company from further attacks.

Daixin Team added that, in order to avoid encrypting or destroying anything that could be life-threatening, it has avoided locking up critical files related to flying equipment but has completely locked out access to staff and passenger records until payment is made.

According to reports, AirAsia did not attempt to negotiate the amount, implying that they had no intention of paying anything.

The sources for this piece include an article in TheHackerNews.

SUBSCRIBE NOW

Related articles

Sleeper Supply Chain Attack Activates After 6 Years

A coordinated supply chain attack has compromised between 500 and 1,000 e-commerce websites by exploiting vulnerabilities in 21...

Russian-Controlled Open Source Tool Raises Alarms Over U.S. Cybersecurity

A widely used open-source Go library, easyjson, used in healthcare, finance and even defence has come under scrutiny...

Signal Archiving Tool Used By Trump Admin Is Breached, Raising Alarms Over Messaging Security (EDITORIAL)

(EDITORIAL) A messaging tool used by Trump administration officials to archive encrypted Signal messages has been hacked —...

Anthropic Warns: AI “Virtual Employees” Could Pose Security Risks Within a Year

Anthropic, a leading artificial intelligence company, anticipates that AI-powered virtual employees could begin operating within corporate networks as...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways