Everest Ransomware Leaks 1.5M Dublin Airport Passenger Records
Category:Threat Alerts / Ransomware
The Everest ransomware group claims to have stolen over 1.5 million passenger records from Dublin Airport and employee data from Air Arabia. The leak, part of an ongoing aviation-targeting campaign, underscores growing risks in airline data security.
CORTEX Protocol Intelligence Assessment
Business Impact: Major reputational and compliance risk for affected airlines due to exposure of travel and passenger data. Technical Context: Everest exploited weak credentials and unsecured FTP servers to exfiltrate sensitive operational datasets.
Strategic Intelligence Guidance
- Conduct comprehensive data impact analysis and notify affected passengers.
- Review FTP exposure and enforce strong authentication policies.
- Coordinate with CERTs and aviation authorities to mitigate further data leaks.
- Implement breach containment and dark web monitoring for leaked data.
Vendors
Threats
Targets
Impact
Data Volume:1.5M records
Financial:$2.4M
Intelligence Source: Everest Ransomware Says It Stole 1.5M Dublin Airport Passenger Records | Oct 27, 2025