Cyber Incident Victim: Kenya Airways
Date: Dec 2023
Location: Kenya
Summary
Kenya Airways experienced a significant ransomware attack resulting in the unauthorized disclosure of confidential company data by the Ransomexx hacking group. The compromised information included passenger records, investigative materials, death and accident reports, passport applications, and strategic carrier plans, exposing sensitive operational and customer details.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |

| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
Kenya Airways Ltd., the flag carrier of Kenya, experienced a significant ransomware attack on December 30, 2023. The incident resulted in unauthorized access to confidential company data, which was subsequently leaked on the internet by the threat actors. The hacking group Ransomexx claimed responsibility for the breach and publicly released samples of stolen information to demonstrate the success of their operation. This attack compromised sensitive airline records containing personal and operational details spanning multiple categories of the carrier's activities. The breach exposed internal documents that extended beyond typical passenger information to include specialized investigative files maintained by the organization.

The leaked data encompassed historical passenger records, death certificates, accident investigation reports, passport application documents, and strategic plans related to airline operations. The exposure of death records and accident reports indicated the attackers accessed highly sensitive documentation typically protected for legal and privacy reasons. Passport application details within the breach raised concerns about identity theft risks for affected individuals. The theft of strategic carrier plans suggested potential competitive disadvantages for Kenya Airways in future aviation markets. While the full scope of compromised systems remained unspecified, the diversity of leaked records demonstrated wide-ranging access across multiple data repositories within the airline's infrastructure.
