October 11, 2023 at 05:08PM
The BianLian extortion group claims to have stolen 210GB of data from Air Canada, including technical and operational information, employee personal data, vendor and supplier information, and confidential documents. The group has shared screenshots of the stolen data as proof. Air Canada has acknowledged the threats but has not confirmed the group’s involvement in the breach. The airline has yet to disclose the extent of the impact on employees and the timeline of the attack. Air Canada has also advised customers to secure their accounts following the breach.
Key Takeaways from the Meeting Notes:
1. The BianLian extortion group claims to have breached Air Canada’s network and stolen 210GB of data.
2. While Air Canada initially stated that the breach only affected limited employees and certain records, the attackers now claim that the stolen documents contain much more extensive information.
3. The threat actors have shared screenshots of the stolen data on a dark web data leak website and provided a detailed description of what was stolen.
4. The stolen data includes technical and operational data from 2008 to 2023, personal information of employees, backups of SQL databases, information about vendors and suppliers, confidential documents, and archives from company databases.
5. Air Canada has acknowledged the threats from BianLian but has not confirmed that the group is behind the breach.
6. The airline has not disclosed the number of affected employees, the date of the breach, or when the attack was detected.
7. Air Canada has advised customers to enable SMS-based multifactor authentication on their Aeroplan accounts and use strong passwords to protect against credential stuffing and password spraying attacks.
8. This is not the first security breach for Air Canada; back in 2018, the company experienced another breach where unauthorized parties accessed the profile information of 20,000 mobile app users.
9. In the 2018 breach, attackers gained access to names, email addresses, phone numbers, passport numbers, expiration dates, and other personal data of mobile app users.
10. Air Europa, a Spanish airline, has also recently experienced a data breach where customer credit card information was accessed, leading the airline to advise customers to cancel their credit cards.