hiveleak attacks Bohlke International Airways

Incident Date:

January 25, 2022

World map

Overview

Title

hiveleak attacks Bohlke International Airways

Victim

Bohlke International Airways

Attacker

Hiveleak

Location

Croix, USA

Virgin Islands, USA

First Reported

January 25, 2022

Bohlke International Aviation Suffers Ransomware Attack

Bohlke International Aviation, a premier full-service Fixed Base Operator (FBO) located in St. Croix, U.S. Virgin Islands, recently fell victim to a ransomware attack orchestrated by the group known as HiveLeak. Established in 1959, the company boasts one of the most extensive charter jet fleets in the Caribbean, offering private jet services across the Caribbean, the United States, Central & South America, and globally.

The family-owned enterprise, now under the leadership of a third-generation pilot, employs a 60-person team. Bohlke International Aviation's offerings are diverse, encompassing aircraft management, drone data collection, and acting as a pivotal aviation partner for medical evacuation flights.

This incident marks yet another cybersecurity breach within the airline industry, following a notable attack on SpiceJet, an Indian airline, in 2022. That attack led to significant flight delays and cancellations, stranding numerous passengers.

Ransomware attacks pose severe threats to businesses, potentially leading to data loss, operational disruptions, and reputational damage. To counteract these risks, it is imperative for companies to implement cybersecurity best practices. These include regular software updates, the use of robust passwords, the activation of multi-factor authentication, the deactivation of unnecessary remote access ports, continuous log monitoring, auditing of user accounts with administrative privileges, and the secure backup of critical data.

As of now, Bohlke International Aviation has not publicly commented on the ransomware attack or disclosed any steps taken to address its consequences. While the company's website remains accessible, the full extent of the attack's impact on their operations remains uncertain.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.