**Korean Air Employee Data Exposed in Cyberattack on Partner Firm**
Korean Air, South Korea’s largest airline, confirmed that sensitive employee information was compromised following a cyberattack on KC&D, a third-party vendor responsible for in-flight meals and onboard sales. The breach, disclosed in an internal notice on Monday, exposed personal data—including names and phone numbers—stored on KC&D’s servers.
The airline detected the incident after being alerted by KC&D and responded by implementing emergency security measures and reporting the breach to authorities. Employees were advised to monitor for potential follow-up attacks, such as phishing attempts via suspicious messages.
This incident adds to a growing trend of data breaches affecting major South Korean companies, including recent attacks on Coupang, KT Corp., and Shinhan Card. Meanwhile, Korean Air is also navigating regulatory scrutiny over its merger with Asiana Airlines, with the Fair Trade Commission requiring revisions to its mileage integration plan by next month. The acquisition, finalized in December 2024 after a four-year review, allows Asiana customers to retain their mileage value for a decade post-merger.
Source: https://english.mathrubhumi.com/news/world/korean-air-employee-data-leak-cyberattack-sqesoq0p
KC&D TPRM report: https://www.rankiteo.com/company/kc&d
Korean Air TPRM report: https://www.rankiteo.com/company/korean-air
"id": "kc&kor1766985380",
"linkid": "kc&d, korean-air",
"type": "Cyber Attack",
"date": "12/2025",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Aviation',
'location': 'South Korea',
'name': 'Korean Air',
'type': 'Airline'},
{'customers_affected': 'Korean Air employees',
'industry': 'Catering and Onboard Sales',
'location': 'South Korea',
'name': 'KC&D',
'type': 'Supplier'}],
'data_breach': {'personally_identifiable_information': 'Names and phone '
'numbers',
'sensitivity_of_data': 'Low to moderate (names and phone '
'numbers)',
'type_of_data_compromised': 'Personal information'},
'description': 'Personal information of employees at Korean Air was leaked '
'after a cyberattack hit KC&D, a partner firm handling its '
'in-flight meals and onboard sales services. The breach '
'exposed names and phone numbers of Korean Air employees '
"stored on KC&D's servers.",
'impact': {'data_compromised': 'Names and phone numbers of employees',
'identity_theft_risk': 'Potential secondary damage (e.g., phishing '
'via suspicious text messages or emails)',
'systems_affected': "KC&D's servers"},
'references': [{'source': 'Yonhap News Agency'}, {'source': 'IANS'}],
'response': {'communication_strategy': 'Internal notice to employees urging '
'vigilance against potential secondary '
'damage',
'incident_response_plan_activated': 'Emergency security measures',
'law_enforcement_notified': 'Reported to relevant authorities'},
'threat_actor': 'Hacker group',
'title': 'Korean Air Employee Data Exposed in KC&D Cyberattack',
'type': 'Data Breach'}