In a startling disclosure, the malicious extortion group, BianLian, has claimed responsibility for breaching the network of Air Canada, the nation’s premier airline and a founding member of Star Alliance. This revelation comes amidst a contrasting statement from Air Canada in September, downplaying the severity of the breach.
The nefarious BianLian group has purportedly made away with a whopping 210GB of data following the network intrusion. This claim starkly contrasts the earlier statement from Air Canada, which had indicated only a limited impact concerning some employee information and certain records.
Adding salt to the wound, BianLian, notorious for its extortion endeavors, went on to share screenshots of the purloined data on their dark web leak site, evidently mocking the airline’s understated disclosure. The data, as claimed by the extortionists, encompasses a broad spectrum ranging from technical and operational documents, SQL backups, employee personal information, vendor and supplier data, to confidential documents and archives from company databases spanning from 2008 to 2023.
The extortion group, which switched its modus operandi to extortion-only attacks since January 2023, chided Air Canada for disseminating “half-truths” about the attack. They provided a detailed account of their attack on their official dark leak site, casting doubts on the airline’s transparency regarding the incident..
Air Canada, on its part, acknowledged the extortion threats but did not confirm BianLian’s claims of orchestrating the breach. They reiterated their unwillingness to engage with the anonymous group’s claims based on cybercrime, urging responsible reporting on such issues. The airline has yet to provide further details regarding the number of affected individuals, the exact date of the breach, and its detection timeline.
As the clouds of uncertainty loom, the saga reveals the critical importance of cybersecurity in safeguarding sensitive organizational and customer data against the ever-evolving threat landscape. The contrasting narratives between Air Canada and the BianLian extortion group underscore the challenge of navigating the murky waters of cybersecurity and the imperative of robust, transparent responses to such adversarial actions.
FASTEST AND EASY WAY TO RECOVER YOUR CRYPTO 2024
I’m one of those few people who invested in the cryptocurrency market and was hoping to make enough profits after my retirement. Unfortunately, I had invested in a platform that was out to steal from me, I lost around $275,000 to this platform excluding the promised profits. I had lost every penny I invested into it including the money I had to borrow from friends. I thought it was all over until I came across a Cryptocurrency recovery expert, ETHICSREFINANCE SERVICE, who helped me recover my money from these fake investors. It took ETHICSREFINANCE 48 hours to recover my money and I was able to track down these people. I?m truly grateful for their service and I highly recommend them to anyone with the same problem.
CONTACT THEM NOW :
Email Address: ethicsrefinance@gmail.com
TELEGRAM: @ethicsrefinance.
“These are worrying claims that could mean criminals have access to highly sensitive information that would put Air Canada’s infrastructure, customers, and employees at risk.
BianLian is famous for targeting organisations via stolen privileged credentials, so the attack potentially once again highlights the need for organisations to improve the security of their workforce access. When it comes to defending against attacks on workforce credentials, organisations can improve security by removing the need for employees to remember, manage or ever see their passwords. This can be achieved using a modern workforce identity management solution that provides Single Sign-On and enterprise password management, enabling passwords to be used where applications rely on them, but have them hidden from the workforce, significantly improving the user experience while ensuring credentials can’t be stolen by attackers and then used in data breaches or extortion attacks.
If this high volume of data has been compromised, Air Canada must inform impacted parties as a priority, so they can be on alert for fraud and phishing scam, which are aiming to exploit them further by stealing more of their confidential data.”
“This is a position no organisation wants to find itself in. Announcing a cyberattack is damaging enough, but announcing a cyberattack with incorrect information can cause permanent damage. Air Canada announced last month that limited data was impacted in the breach, but now BianLian has stated it had much deeper access which allowed them to compromise gigabytes of sensitive information. Air Canada must continue its investigations into the breach to work out the validity of the claims. However, making false announcements on victims is something ransomware gangs avoid as it damages their reputations and profitability opportunities.
The incident is a further reminder of the powerless position organisations are placed in when facing extortion attacks. Regardless of whether the organisation’s data is encrypted, the attackers still have access to it, so they hold the power.
This means organisations must prioritise defences before attacks occur. This involves training employees on the techniques criminals use to access systems, keeping all systems up to date with the latest patches, running a regular back up system, layering security and implementing network segmentation to prevent attackers spreading.
Furthermore, it is also advised that organisations take the average ransomware sum likely to be demanded from them in the event of a compromise – then use that figure as their budget for investing in adequate defensive tooling.”