The BlackCat ransomware group (aka ALPHV), claimed responsibility for the attack on Swissport that interfered with its operations.
Swissport International Ltd. is an aviation services company providing airport ground,lounge hospitality and cargo handling services owned by an international group of investors. The company handles around 282 million passengers and 4.8 million tonnes of cargo annually, on behalf of some 850 client-companies in the aviation sector. With a workforce of around 66,000 personnel, Swissport is active at 307 locations in 50 countries, and generates consolidated operating revenue of EUR 2.8 billion.
Swissport International was hit by a ransomware attack that had a severe impact on its operations causing flights to suffer delays.
According to the German website Spiegel, the ransomware attack impacted a limited part of the company’s global IT infrastructure, a company spokesman confirmed that the security breach took place on Thursday morning at 6 AM.
BlackCat ransomware operators leaked a sample of data allegedly stolen during the ransomware attack, claiming to have stolen 1.6TB of data that are available for sale.
Leaked data include business documents, tax declarations, images of passports, and ID cards of individuals. Leaked data also includes personal information of job candidates, including name, passport number, nationality, religion, email, phone number, job role, interview scores, and more.
Some members of the Black Cat ransomware gang are former members of the BlackMatter/DarkSide ransomware group.
(SecurityAffairs – hacking, SIM swapping)