Thousands of employees exposed as Korean Air compromised in Oracle breach

• Korean Air lost data on ~30,000 employees in KC&D supply-chain breach
• Cl0p ransomware group leaked 500 GB archives, exposing names and bank account numbers
• Incident mirrors 2023 MOVEit attack; dozens of global firms confirmed breached through EBS

South Korean airline Korean Air reportedly lost sensitive data on tens of thousands of its employees after a supply-chain attack on a catering company.

Local media are reporting that Korean Air Catering & Duty-Free (KC&D), a company that prepares in-flight meals for multiple airlines, and operates duty-free retail sales for passengers, was using Oracle E-Business Suite (EBS) at the time when the tool carried a critical-severity vulnerability.

The bug, tracked as CVE-2025-61882, was discovered in early October this year, when some companies started receiving emails from hackers claiming to have used it to break in and steal data.