Kenya Airways attack allegedly exposes passenger details


Kenya Airways, one of Africa’s largest airlines, has been claimed by the Ransomexx ransomware gang. The group has shared what is alleged to be company data on its dark web blog.

The attackers shared over 2GB of data it says was stolen from the airline, which includes troves of sensitive information. The cybercrooks posted a data tree, which allegedly reveals that they’ve taken incident reports, passport copies, and various air crash reports.

We’ve reached out to Kenya Airways for comment but have yet to a response from them.

The attackers begin their post on the attack with a picture supposedly depicting damage to one of the airline’s planes’ engines. Meanwhile, the data sample allegedly includes various passwords to uncredited systems.

Kenya Airways is a Nairobi-based flag carrier of Kenya. The company operates dozens of aircraft and serves over 40 destinations. The company is among Africa’s busiest airlines.

Ransomexx was first observed targeting organizations in mid-2020. Dozens of organizations have since been hit using the gang’s malware.

Notable victims include the Italian luxury car maker Ferrari, Japanese tech company Konica Minolta, Taiwanese computer hardware manufacturer GIGABYTE, US software provider Tyler Technologies, and others.