Ransomware Hits Antaeus Travel Group: 50GB of Data Stolen by Blackout
Incident Date:
August 22, 2024
Overview
Title
Ransomware Hits Antaeus Travel Group: 50GB of Data Stolen by Blackout
Victim
Antaeus Travel Group
Attacker
Blackout
Location
First Reported
August 22, 2024
Ransomware Attack on Antaeus Travel Group by Blackout
Antaeus Travel Group, a multinational travel management company with over 35 years of experience in the marine and corporate travel sectors, has recently fallen victim to a ransomware attack orchestrated by the Blackout group. The attack has been publicly claimed on Blackout's dark web leak site, highlighting the growing threat of ransomware in the hospitality sector.
About Antaeus Travel Group
Established in 1988, Antaeus Travel Group operates offices in Athens, Basel, Limassol, Manila, and Miami. The company specializes in a range of travel management services, including marine, offshore, business, leisure, and VIP travel. Known for its tailored travel solutions, Antaeus serves over 300 corporate and marine customers, providing services such as hotel bookings, flight arrangements, visa processing, and event planning. The company emphasizes technology, utilizing a digital travel management platform to integrate travel coordinators, travelers, and advisors into a single system.
Attack Overview
The ransomware attack on Antaeus Travel Group has resulted in the exfiltration of 50 GB of sensitive data, including client and employee databases, scans of passports and visas, and various office documents. The ransom deadline has been set for August 28, 2023. The attack has raised significant concerns about the security of sensitive travel data and the potential impact on the company's operations and reputation.
About Blackout Ransomware Group
Blackout is a relatively new ransomware group that has quickly gained notoriety for its double-extortion tactics. The group encrypts files and exfiltrates sensitive data, using the threat of public exposure to pressure victims into paying the ransom. Blackout's previous targets include the Centre Hospitalier d'Armentières in France and Groupe M7 in Quebec, indicating a pattern of targeting organizations with valuable data.
Potential Vulnerabilities
Antaeus Travel Group's reliance on digital platforms and the handling of sensitive travel data make it a prime target for ransomware attacks. The integration of various travel management services into a single digital system, while efficient, also presents potential vulnerabilities that threat actors like Blackout can exploit. Ensuring strong cybersecurity measures and regular system audits are crucial for protecting against such sophisticated attacks.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.