Find notable cyber news and cases, enriched with sources, timelines, and signals.

Korean Air employee data leak via KC&D breach

Data Leak
First reported
Last updated
Happening score
H score 40
1 unique sources, 1 articles

Summary

Hide ▲

The airline disclosed a data breach that exposed employee names and bank account numbers, creating fraud and impersonation risk for Korean Air staff. The leak followed a hack at KC&D, the carrier's in-flight catering supplier and former subsidiary, and local reports say attackers exfiltrated about 30,000 records. The later posting of the data by the Clop ransomware gang on a dark web leak site raised the risk of downstream misuse.

Related Happenings

ShinyHunters Oracle PeopleSoft data theft and extortion campaign

Campaign
H score60 First: 10.06.2026 21:31 Last: 10.06.2026 21:31 Sources 1

About this happening: **ShinyHunters**/**UNC6240** used **CVE-2026-35273** in **Oracle PeopleSoft Enterprise PeopleTools** as a **zero-day** to break into exposed systems, steal data, and extort victim...

Latest development: 29.06.2026 23:40

Nissan says attackers exploited an Oracle PeopleSoft vulnerability in a ShinyHunters-linked campaign and that the company was specifically targeted, with personal information for current and former employees in the United States, Canada, Mexico, and Brazil potentially exposed. Nissan says the material may include employee contact information, banking information, Social Security numbers, Social Insurance Numbers, National Identification Numbers, financial and tax information, and dependent and beneficiary information, and the company has activated incident response, engaged external cybersecurity experts, secured affected systems, and is working with Oracle.

ShellForce-affiliated leak site publishes stolen identity, corporate, and résumé records

Data Leak
H score29 First: 09.02.2026 23:14 Last: 09.02.2026 23:14 Sources 1

About this happening: A **ShellForce**-affiliated leak site is publicly posting **stolen identity records**, **corporate data**, and **résumé databases**, turning intrusions into immediate exposure ris...

ShinyHunters data-leak site exposing stolen attack data

Data Leak
H score71 First: 31.01.2026 17:02 Last: 31.01.2026 17:02 Sources 1

About this happening: The **ShinyHunters** extortion gang is publishing stolen data on a **data-leak site** tied to its broader **Oracle PeopleSoft** theft campaign. New reporting adds the **University...

Kyowon Group external data leak affecting customer data

Data Leak
H score77 First: 14.01.2026 23:49 Last: 14.01.2026 23:49 Sources 1

About this happening: **Kyowon Group** confirmed an **external data leak** tied to its **January 2026** ransomware incident, creating a real risk that **customer information** was exposed. The company...

Kyowon Group hit by ransomware attack

Incident
H score76 First: 14.01.2026 23:49 Last: 14.01.2026 23:49 Sources 1

About this happening: The **Kyowon Group** confirmed a **ransomware attack** that disrupted operations and led to **customer data exfiltration**, creating immediate availability and exposure risk. The...

Timeline

  1. 29.12.2025 15:08 2 articles · 6mo ago

    Korean Air discloses employee data breach after KC&D hack

    Initial Disclosure

    Korean Air disclosed that employee names and bank account numbers stored in its ERP system on affected servers were compromised after Korean Air Catering & Duty-Free (KC&D) was recently hacked, said it had reported the incident to relevant authorities, and warned staff to watch for impersonation emails and messages. Local reporting cited about 30,000 data records and thousands of affected employees, while Korean Air said it had not yet found evidence that the stolen data was used for fraud.

    Show sources