Cyprus’s flag carrier’s systems have allegedly been breached, with attackers getting extensive information on the airline's passengers, including their names, emails, and travel histories. They claim they can still access the system.
The attackers posted the announcement on a popular data leak forum, alleging that they’d stolen a whopping 41 gigabytes of data. The stolen details range from passenger names to travel details. Worryingly, cybercriminals claim they still have access to the airline’s systems and can see arrivals and departures in real time.
We have reached out to Cyprus Airways for comment and will update the article once we receive a reply.
Meanwhile, attackers claim they have stolen:
- Email addresses
- Names
- Surnames
- Travel dates
- Amount paid
- Document information
- Phone numbers
- Other details
The Cybernews research team investigated the data sample that the attackers attached to the post, concluding that most of it appears legitimate. According to the team, it includes passengers and some of the company staff. The data reveals a full passenger profile with some of the details in the sample as recent as June 3rd, 2025.
The attackers likely accessed ticket management software, as most of the information exposed is similar to what people provide when purchasing a ticket. The only silver lining is that payment card data does not appear to be exposed, or at least was excluded from the data sample.
If confirmed, the data breach could be a real headache for all parties involved. For one, attackers could utilize the information for targeted phishing attacks, financial fraud and identity theft.
Malicious actors could impersonate the airline, attempting to trick customers into revealing more personal details, such as financial information or payment card numbers. Moreover, cybercriminals could attempt to use stolen information to create fake identities, endangering the privacy of affected individuals.
More dedicated threat actors could utilize passenger travel information to seek out potentially empty homes that could later be targeted with burglary. At least in theory, attackers could attempt to convincingly impersonate victims to banks and other organizations.
The Nicosia-headquartered airline was launched in 2016 after Charlie Airlines obtained the right to use Cyprus Airways' trademark, a company that was liquidated a year prior. The airline’s fleet consists of six craft that take passengers to 19 destinations in Europe and the Middle East.
Airlines are a prime target for hackers, as they house numerous sensitive passenger details. Elit Avia, a private jet company based in Europe, was recently posted on a ransomware gang’s dark web leak site.
Last year, attackers breached the Spanish airline Air Europa, taking customer credit card details. Ransomware cartel BianLian also targeted Air Canada, attempting to extort hundreds of thousands from the company.
At the same time, American airline behemoth Delta, had its customer details exposed in a third-party data breach that impacted numerous organizations, such as Amazon, HP, Lenovo and others.
In 2023, Russian hackers targeted Scandinavian Airlines, reportedly taking down the carrier's booking system, causing severe delays for the company’s customers.
Your email address will not be published. Required fields are markedmarked