Kenya Airways, one of Africa’s top airlines, recently fell victim to a significant ransomware attack orchestrated by the notorious RansomEXX group. The attack occurred in late December 2023, with hackers gaining access to and leaking sensitive data, including passenger details, internal operations, and business contracts.

RansomEXX, known for its global cyberattacks, breached Kenya Airways' systems and exposed sensitive information about past passengers, accident and death records, and strategic business plans. The stolen data also includes portal login credentials and government officials' personal information. Some of this data has already surfaced on the dark web, posing serious privacy and security concerns.

This breach marks a continuation of cyberattacks targeting Kenyan infrastructure, following a similar attack on the Kenya Airports Authority by the Medusa group earlier in 2023. The incident has raised alarms about the rising cybersecurity risks in Africa, highlighting the urgency for companies and governments to bolster digital defences.

Despite the attack, Kenya Airways has not yet issued a formal statement. However, experts warn that these breaches could lead to further misuse of the exposed data, underscoring the need for more robust cybersecurity measures. As the investigation continues, more details are expected to emerge regarding the full extent of the attack and its impact on the airline and its passengers.

Source: cybernews.com
Date: Jan 8, 2024