Cyber Incident Victim: Bangkok Airways
Date:
Aug 2021
Location:
Thailand
Summary
Bangkok Airways experienced a cybersecurity attack involving unauthorized access to its information systems, prompting an immediate investigation and containment effort with external cybersecurity support. The breach potentially compromised passenger data including names, contact details, passport information, travel history, partial credit card data, and meal preferences, though operational and aeronautical systems remained unaffected. The airline reported the incident to Thai authorities and advised customers to monitor for phishing attempts while providing dedicated contact channels for affected individuals.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 3 techniques |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On August 23, 2021, Bangkok Airways Public Company Limited identified unauthorized and unlawful access to its information systems, confirming it had been targeted in a cybersecurity attack. The company initiated immediate containment measures and engaged a cybersecurity team to investigate the breach. Preliminary findings indicated that attackers potentially accessed passenger data including full names, nationality, gender, contact details (phone numbers, email addresses, physical addresses), passport information, historical travel records, partial credit card data, and special meal preferences. The investigation confirmed the compromise did not extend to operational or aeronautical security systems, ensuring flight safety remained unaffected. Bangkok Airways formally reported the incident to the Royal Thai Police and other relevant authorities within days of discovery. The company prioritized verifying the exact scope of compromised data and identifying affected passengers while implementing IT system enhancements to prevent further exploitation.
The breach exposed sensitive personal information but did not involve full credit card details or critical aviation infrastructure. Bangkok Airways issued public notifications on August 26, 2021, urging passengers to monitor financial accounts, change compromised passwords, and report suspicious communications impersonating the airline. The advisory specifically warned against phishing attempts via calls or emails soliciting credit card information, clarifying that legitimate communications would not request such details. Affected passengers were directed to contact dedicated toll-free numbers for Thailand-based travelers, an international toll number, or a designated email address ([email protected]) during specified operating hours (08:00-17:30 Thailand Time GMT+7). The airline publicly apologized for the incident’s disruption and emphasized its commitment to data protection, though it did not disclose the attack vector, threat actor attribution, or total number of impacted individuals based on available information.