Air Côte d’Ivoire reveals cyberattack: “some data was stolen”

Published: 25 February 2026
Air_Cote_dIvoire
Air Côte d'Ivoire Airbus A320-200 registered TU-TSW taking off. The Taxi Photographer/Shutterstock.

Air Côte d'Ivoire, the flag carrier of the Ivory Coast, was hit with a cyberattack earlier this month. Business operations continued as normal, but some data was stolen by the attackers.

In the early hours of Sunday, February 8th, 2026, IT employees of the airline company of the West African country discovered a “cybersecurity incident,” affecting parts of the company’s information system.

Upon detection and according to the company’s continuity plans, technical teams deployed security protocols to ensure the continuation of the airline’s flights and other operations. However, the teams couldn’t prevent the exfiltration of an unknown quantity of files containing data.

ADVERTISEMENT

As soon as the data breach came to light, the National Cybersecurity Agency of Côte d’Ivoire (ANSSI-CI) and the Telecommunications Regulatory Authority of Côte d'Ivoire (ARTCI) were informed.

Strong password generator

Upgrade the security of your online accounts.
Create strong passwords that are completely random and impossible to guess.
Generated unique password
Ad link_title
Convenient way to secure and use all your passwords. Now 72% OFF!
Get NordPass

Security experts of the Côte d’Ivoire Computer Emergency Response Team (CI-CERT) and international experts are currently looking into the incident to determine the origin and extent of the data breach, and to strengthen the security of the airline company’s IT environment.

“Air Côte d’Ivoire, aware of the risks that the data leak could pose to its service providers, passengers, and employees, is working closely with the relevant authorities to mitigate the consequences. It assures the public that its flight schedule and operations will continue as normal, in strict compliance with international security standards,” the airline company said in a press release that was published on social media platform X.

Air Côte d’Ivoire doesn’t say who’s responsible for the incident or if any ransom demands have been made.

According to security threat intelligence platform Hackmanac, INC Ransom has claimed to have breached the airline company. Allegedly, the ransomware operation has stolen 194GB of data.

INC Ransom was first noted in July 2023 and has claimed to have attacked hundreds of companies since then, including Xerox and NHS Scotland. According to Cybernews’ Ransomlooker, INC Ransom is one of the most active ransomware gangs out there.

ADVERTISEMENT

INC Ransom is considered a multi-extortion operation, meaning it not only encrypts and steals its target’s data but then threatens to publish it online if the victim doesn’t come up with the ransom money.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT