Leak at the Civil Aviation Safety Organisation
420 GB of data ID card Passport Diploma Proof of address Internal document Thales, Dassault SystΓ¨mes, Airbus, Boeing, FAA, militaryβ¦
- Victim
- Civil Aviation Safety Organisation
Incidents in sector:
Transport
Claimed leak at OSAC (Civil Aviation) - Ransomware - see details
People whose ID documents or other documents are held by OSAC may be affected by a claimed leak. According to the claim, the LAPSUS$ group allegedly extracted around 420β¦
- Victim
- OSAC (Civil Aviation)
Jaguar Land Rover global production halt (Scattered Lapsus$ Hunters, 2025)
A cyberattack on Britain's biggest carmaker forced JLR to shut down its global IT network and halted vehicle production in the UK, China, Slovakia, India, and Brazil for five weeks β now considered the most economically damaging cyber incident in UK history.
- Victim
- Jaguar Land Rover
- Loss
- $2.40B
Leak at Companie de Transport Strasbourgeoise
unknown
- Victim
- Companie de Transport Strasbourgeoise
Royal Mail LockBit ransomware
LockBit affiliates encrypted Royal Mail's international export systems, halting all overseas postal services from the U.K. for six weeks. Royal Mail publicly refused the Β£65.7M ransom demand; LockBit progressively leaked exfiltrated data.
- Victim
- Royal Mail International
- Loss
- $60.0M
Transnet 'Death Kitty' ransomware (South Africa, 2021)
A ransomware attack on South Africa's state-owned logistics firm Transnet shut down operations at Durban, Ngqura, Port Elizabeth and Cape Town container terminals, forcing the operator to declare force majeure. Durban β 60% of Southern Africa's containerised trade β reverted to paper-based clearance for cargo for a week.
- Victim
- Transnet SOC (state-owned freight & port operator)
Colonial Pipeline ransomware (DarkSide)
A reused VPN password let DarkSide encrypt Colonial Pipeline's billing systems. The operator shut down 5,500 miles of fuel pipeline for six days, paid $4.4M, and triggered a federal emergency.
- Victim
- Colonial Pipeline Company
- Loss
- $4.4M
Garmin WastedLocker ransomware (Evil Corp)
Evil Corp deployed the WastedLocker ransomware against Garmin, taking flyGarmin aviation services, Garmin Connect, and inReach satellite messaging offline for five days. Garmin paid an estimated $10M ransom despite OFAC sanctions on Evil Corp.
- Victim
- Garmin Ltd.
- Loss
- $30.0M
British Airways Magecart card-skimming
Magecart operators injected card-skimming JavaScript into British Airways' payment page, stealing card details on 380,000 transactions over 15 days. UK ICO initially proposed a Β£183.4M GDPR fine β later reduced to Β£20M after Covid-impact mitigation arguments.
- Victim
- British Airways
- Loss
- $35.0M
- Records
- 429.0K
NotPetya destructive wiper
A destructive wiper disguised as ransomware, propagated via a compromised Ukrainian accounting software update. Estimated $10 billion in global damage β the most economically destructive cyberattack in history.
- Victim
- M.E.Doc users (Maersk, Merck, FedEx-TNT, Mondelez, Saint-Gobain et al.)
- Loss
- $10.00B
WannaCry ransomware worm
A North Korean ransomware worm that exploited the EternalBlue SMB vulnerability to spread to ~200,000 systems across 150 countries in 24 hours. Paralysed the U.K.'s NHS and crippled manufacturing globally.
- Victim
- ~200,000 organizations worldwide (UK NHS, TelefΓ³nica, Renault, Deutsche Bahn, Honda et al.)
- Loss
- $6.00B