The Dunghill Leak group, which claimed responsibility for a massive cyberattack on the travel booking giant Sabre Corporation last month, has doubled down on its stance, stating it will release the 1.3 terabyte stolen data in 8 batches as it finalizes the processing of the downloaded data.
The group claims the data includes sensitive databases on ticket sales and client data.
This disturbing development follows Sabre's confirmation last month that the company was subject to a cyberattack. On September 6, 2023, Sabre acknowledged the breach after a series of files purportedly stolen from them surfaced on the Dunghill Leak group's dark web site.
Australian travel industry is now on high alert, given that Sabre's software and data underpin many airline and hotel bookings, check-ins, and apps. From airlines to travel firms, numerous travel-related enterprises in Australia rely on Sabre software, raising concerns about the potential impact of this breach on Australian businesses and customers.
While the initial sample was limited to Sabre staff details rather than client data for apparent proof in the ransom extortion attempt, the expansive data cache now looms with the potential to release:
- Databases on ticket sales in various online aggregators, their revenue data, and passenger turnover.
- Client data, including scans of clients' IDs.
- Personal information of Sabre employees, from names and insurance numbers to residential addresses, passport data, and more.
- Detailed financial information, including bank account details, balance sheets, and payroll data.
- Files associated with the airflite-client application, its source code, and logs.
It remains unclear when the breach occurred. However, data shared by Dunghill Leak suggests that some of the exposed information dates back to around mid 2023.
Dunghill Leak, believed to have evolved from the Dark Angels and Babuk ransomware groups, has previously targeted other high profile companies too.
Australia and most developed nations have consistently advised against paying ransoms to hacker gangs. Sabre, no stranger to cyber threats, faced a security incident in 2017, which cost them $2.4 million in settlements after a breach in their hotel reservation system.