The personal details of around seven thousand individuals from Etihad’s loyalty program were sent to the Gulf News by an anonymous source.
The breach was a result of an attack on a third party that worked with the airline in 2013 to run a promotional campaign
The leaked information included the names, email addresses, phone numbers, and IP addresses of the customers.
Source: https://blog.itgovernance.co.uk/blog/etihad-airways-investigating-data-breach-dating-back-to-2013
TPRM report: https://scoringcyber.rankiteo.com/company/etihadairways
"id": "eti2386522",
"linkid": "etihadairways",
"type": "Breach",
"date": "01/2016",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 7000,
'industry': 'Aviation',
'name': 'Etihad Airways',
'type': 'Airline'}],
'attack_vector': 'Third-party attack',
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': 7000,
'personally_identifiable_information': ['names',
'email addresses',
'phone numbers',
'IP addresses'],
'type_of_data_compromised': ['names',
'email addresses',
'phone numbers',
'IP addresses']},
'description': 'The personal details of around seven thousand individuals '
'from Etihad’s loyalty program were sent to the Gulf News by '
'an anonymous source. The breach was a result of an attack on '
'a third party that worked with the airline in 2013 to run a '
'promotional campaign. The leaked information included the '
'names, email addresses, phone numbers, and IP addresses of '
'the customers.',
'impact': {'data_compromised': ['names',
'email addresses',
'phone numbers',
'IP addresses']},
'references': [{'source': 'Gulf News'}],
'threat_actor': 'Anonymous source',
'title': 'Etihad Loyalty Program Data Breach',
'type': 'Data Breach'}