Pakistan International Airlines (PIA) reportedly suffered a major security breach after its network access and database were put on sale for $4,000 on the dark web.
An Israeli company called KELA reportedly discovered a threat actor selling the airline domain admin access for $4,000, according to a media report.
The threat actor also put all the databases in the airline's network up for sale a week later, the company claims.
The fraudsters published a sample, which they claim contains all the personal information of PIA users, including names, last names, phone numbers, and passport information.
TPRM report: https://scoringcyber.rankiteo.com/company/pakistan-international-airlines
"id": "pak2575623",
"linkid": "pakistan-international-airlines",
"type": "Breach",
"date": "11/2020",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Aviation',
'location': 'Pakistan',
'name': 'Pakistan International Airlines (PIA)',
'type': 'Airline'}],
'attack_vector': 'Dark Web Sale',
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information',
'Passport Information']},
'description': 'Pakistan International Airlines (PIA) suffered a major '
'security breach after its network access and database were '
'put on sale for $4,000 on the dark web.',
'impact': {'data_compromised': ['Personal Information',
'Passport Information']},
'initial_access_broker': {'data_sold_on_dark_web': True,
'entry_point': 'Dark Web Sale'},
'motivation': 'Financial Gain',
'references': [{'source': 'Media Report'}],
'title': 'Pakistan International Airlines (PIA) Data Breach',
'type': 'Data Breach'}