Advertisement
On the day the check-in system developed a problem, a group of tourists stopped near the TMA counter. Dhauru Photo/Muzayyin Nazim

Hackers gain access to TMA staff personal info, trade secrets

Classified information of major global companies like AMD has been leaked.

14 January 2023

A ransomware attack on Trans Maldivian Airways (TMA) check-in system in late December was carried out by RansomHouse, which has carried out similar attacks on major global companies, the group said Friday. The group of hackers collected a large amount of classified information stored on TMA's servers and the company would now have to pay them to stop the leakage of the information and to recover it.

The world's largest seaplane operator, TMA, suffered a ransomware attack on its check-in system, disrupting operations on 31 December and causing a system failure. At a time when many people arrived for the New Year holidays, flights came to a halt and many tourists were stranded at the airport. 

Although manual check-in allowed TMA to send off some tourists to resorts, the airline was later forced to ask resorts to find an alternative way to ferry tourists.

The issue was resolved in about two days.

RansomHouse claimed responsibility for the attack.

As was published by the group:

  • 350GB data taken from TMA servers

  • A package containing some of these documents has been published

  • It contains important, confidential information such as personal information of some TMA employees, which employs more than 500 people, salaries paid to them and the amount of money the company pays for planes leased by the company.

"To the management of Trans Maldivian Airways. We are confident that you will not be interested in leaking your confidential data or selling it to a third party," RansomHouse on its website.

It was not immediately clear if RansomHouse had issued a specific ransom amount to TMA to prevent the leak of confidential information.

Unlike other cybercrime gangs, RansomHouse claims it’s not a “ransomware” group, rather it describes its operation as a “professional mediators community,” even if the end goal of extorting companies for money remains the same.

“We have nothing to do with any breaches and don’t produce or use any ransomware,” RansomHouse says on its dark web site.

“Our primary goal is to minimise the damage that might be sustained by related parties. RansomHouse members prefer common sense, good conflict management and intelligent negotiations in an effort to achieve fulfilment [sic] of each party’s obligations instead of having non-constructive arguments.”

RansomHouse first emerged in December 2021.

Comments

profile-image-placeholder