The cybercrime group called Daixin Team has leaked sample data belonging to AirAsia, a Malaysian low-cost airline, on its data leak portal.
On November 11 and 12, AirAsia Group fell victim to a ransomware attack by Daixin Team.
The threat actors allegedly claim to have obtained the personal data associated with five million passengers and all of its employees.
The leak site contains sample data which reveal passenger information and the booking IDs as well as personal data related to the company’s staff.
According to a spokesperson for the threat actor, AirAsia actually responded to Daixin when the group reached out to the company.
The ransomware group did not reveal the amount that it asked from AirAsia or whether the multinational aviation company have paid any of the ransom
Further attacks were not carried by the group due to AirAsia’s poor security measures and “the chaotic organization of the network.”
Daixin Team was recently the subject of an advisory from the U.S. cybersecurity and intelligence agencies, which warned of attacks mainly aimed at the healthcare sector.
Some of the other victims of the criminal group include Fitzgibbon Hospital, Trib Total Media, ista International GmbH, and OakBend Medical.