[MART] - Daily Diary #339 - Another Airline Company Breached By LockBit

CTAS-MAT ctas-mat at appgate.com
Wed Sep 1 23:24:57 UTC 2021


I hope everyone is doing well!

Below is the entry for today.

09/01/2021 - Diary entry #339:

The ransomware gang LockBit, covered in some recent Daily Diaries (#315 and #325), have published now the breached data from the Bangkok Airways. Among the exposed data, there are passengers personal data, passport info, historical travel data, credit card info and special meal details.

A week earlier, the group published another airline company data: the Ethiopian Airlines. These two attacks were allegedly facilitated by an earlier and major one: the Accenture breach. From the Accenture breach, the group claimed they were capable of steal the data and obtain the credentials used on those airlines attacks. However, the Accenture company stated that these allegations are false, and that there was no impact on its operations, neither on its client's systems.

Known as the technique "T1078" by the MITRE ATT&CK framework, stolen and valid credentials are commonly used by the ransomware operators as initial vector to hit organizations' systems. If the claim is true, Accenture's customers should take precautions since Accenture is one of the largest tech consultancy firms in the globe.

Kind Regards,


[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/>     [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity>   [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>

Felipe Tarijon de Almeida
Malware Analyst

E: felipe.tarijon at appgate.com<mailto:felipe.tarijon at appgate.com>
O: +55 11 97467 9549

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.immunityinc.com/pipermail/mart/attachments/20210901/35c1752f/attachment.htm>

More information about the MART mailing list