• Home
  • cyber
  • Iberia: Air Côte d'Ivoire confirms cyberattack following ransomware claims
cyber Ransomware

Iberia: Air Côte d'Ivoire confirms cyberattack following ransomware claims

Feb 8, 2026 2 min read
Iberia: Air Côte d'Ivoire confirms cyberattack following ransomware claims

Cyberattack Disrupts Air Côte d’Ivoire, INC Ransomware Gang Claims Data Theft

Air Côte d’Ivoire, the flagship airline of Côte d’Ivoire, confirmed a cyberattack on February 8 that disrupted parts of its information systems, forcing the company to activate business continuity measures. The INC ransomware gang later claimed responsibility, alleging it stole 208 GB of data and demanding an undisclosed ransom by February 24.

In a statement released on February 16, the airline acknowledged the breach and reported that technical teams were deployed to maintain flight operations. While assuring passengers that its flight program remained stable under international safety standards, Air Côte d’Ivoire warned of potential risks to service providers, employees, and travelers due to the data leak. The airline notified France’s ANSSI and Côte d’Ivoire’s ARTCI, while the country’s Computer Emergency Response Team (CI-CERT) and international experts launched an investigation into the incident.

Based in Abidjan, Air Côte d’Ivoire operates a fleet of 14 aircraft, serving destinations across Africa, Lebanon, and France. The INC ransomware group, known for high-profile attacks including breaches of the Pennsylvania Attorney General’s Office, the governments of Panama (2025) and Hungary (2024), and a U.S. emergency alert system disruption in November has increasingly targeted regional airlines. Last year, similar attacks affected South African Airways, Hawaiian Airlines, Qantas, Iberia, and multiple Russian carriers, highlighting the aviation sector’s vulnerability to ransomware threats.

Source: https://therecord.media/air-cote-divoire-confirms-cyberattack

Iberia TPRM report: https://www.rankiteo.com/company/iberia

"id": "ibe1771962749",
"linkid": "iberia",
"type": "Ransomware",
"date": "2/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Aviation',
                        'location': 'Abidjan, Côte d’Ivoire',
                        'name': 'Air Côte d’Ivoire',
                        'type': 'Airline'}],
 'customer_advisories': 'Assurance that flight program remained stable under '
                        'international safety standards',
 'data_breach': {'data_exfiltration': '208 GB of data allegedly stolen',
                 'personally_identifiable_information': 'Potential PII of '
                                                        'travelers and '
                                                        'employees',
                 'sensitivity_of_data': 'Potentially sensitive data of service '
                                        'providers, employees, and travelers'},
 'date_detected': '2024-02-08',
 'date_publicly_disclosed': '2024-02-16',
 'description': 'Air Côte d’Ivoire confirmed a cyberattack on February 8 that '
                'disrupted parts of its information systems, forcing the '
                'company to activate business continuity measures. The INC '
                'ransomware gang later claimed responsibility, alleging it '
                'stole 208 GB of data and demanding an undisclosed ransom by '
                'February 24.',
 'impact': {'brand_reputation_impact': 'Potential risks to service providers, '
                                       'employees, and travelers due to data '
                                       'leak',
            'data_compromised': '208 GB',
            'identity_theft_risk': 'Potential risk to travelers and employees',
            'operational_impact': 'Disruption of operations, activation of '
                                  'business continuity measures',
            'systems_affected': 'Information systems'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial gain',
 'ransomware': {'data_exfiltration': '208 GB of data allegedly stolen',
                'ransom_demanded': 'Undisclosed',
                'ransomware_strain': 'INC'},
 'references': [{'source': 'Cyber Incident Description'}],
 'regulatory_compliance': {'regulatory_notifications': ['ANSSI (France)',
                                                        'ARTCI (Côte d’Ivoire)',
                                                        'CI-CERT (Côte '
                                                        'd’Ivoire)']},
 'response': {'communication_strategy': 'Public statement released on February '
                                        '16',
              'incident_response_plan_activated': 'Yes',
              'recovery_measures': 'Technical teams deployed to maintain '
                                   'flight operations',
              'third_party_assistance': 'International experts'},
 'stakeholder_advisories': 'Warning of potential risks to service providers, '
                           'employees, and travelers due to data leak',
 'threat_actor': 'INC Ransomware Gang',
 'title': 'Cyberattack Disrupts Air Côte d’Ivoire, INC Ransomware Gang Claims '
          'Data Theft',
 'type': 'Ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.