Korean Air Data Compromised in Oracle EBS Hack

South Korean airline Korean Air has disclosed a data breach exposing 30,000 employee records following a cyberattack on its former subsidiary and current catering supplier, Korean Air Catering & Duty-Free (KC&D).

KC&D was originally a division of the airline, but it spun off and was sold to a private equity firm in 2020. In addition to Korean Air, KC&D serves many other major airlines from Asia and other parts of the world.

According to Korea JoongAng Daily, KC&D recently informed Korean Air that information belonging to the airline’s employees has been compromised.

Korean Air reportedly confirmed that hackers have stolen the information of roughly 30,000 of its current and former employees from KC&D, including names and bank account numbers. Customer data was not exposed, the airline said.

The disclosed incident is likely related to the recent Oracle E-Business Suite (EBS) campaign, in which cybercriminals exploited EBS zero-day ...