Data Security

Bangkok Airways hit by Lockbit ransomware; leaks 103GB of data


The Lockbit ransomware gang also claimed to have ”extra 200 GB” worth of Bangkok Airways data.

On Thursday, Bangkok Airlines confirmed that the notorious LockBit ransomware gang ‘LockBit 2.0’ has stolen around 103 GB of data from the company and is now threatening to leak it online.

Hackread.com can now confirm that the ransomware gang has leaked the data online. 

SEE: Accenture claims to fight off LockBit ransomware gang with backup

The incident was reported to the Royal Thai police and relevant authorities. The company urges passengers to contact their credit card company or bank and change their login credentials immediately. The notice to customers further reads:

“In addition to that, the company would like to caution passengers to be aware of any suspicious or unsolicited calls and/or emails, as the attacker may be claiming to be Bangkok Airways and attempt to gather personal data by deception (known as ‘phishing’).”

Unspecified Volume of Passengers PII Compromised

The airline admitted that the cyberattack occurred on August 23rd, and attackers stole an unspecified volume of personally identifiable information of passengers.

However, the Thai airline explained in a brief update that the incident didn’t impact its aeronautical or operational security, and only the personal data of passengers was accessed.


A screenshot of the countdown of the LockBit 2.0 clock was posted by DarkTracer, a Dark Web intelligence firm.

The screenshot from the Lockbit ransomware gang’s site shows the group has published the data – Image: Hackread.com.

What Kind of Data Was Compromised?

The stolen data may include a passenger’s:

  • Full name
  • gender
  • nationality
  • phone number
  • home address
  • Email address.

In addition to this, it may include

  • Travel history
  • Passport-related information
  • Particular meal information
  • partial credit card information.


The airline didn’t specify how its IT systems were compromised and the objective behind the attack. The company’s warning notice surfaced on the web at the same time when LockBit 2.0 revealed details of the attack.

To Top

Pin It on Pinterest

Share This