A threat actor using the handle “GordonFreeman” posted a listing claiming to sell access to a vulnerability in Air France that allows entry to an administrative panel. The listing alleges a data extraction method that could expose roughly 2 million customer purchase records and includes samples referencing the Flying Blue frequent flyer program. #GordonFreeman #AirFrance
Keypoints
- Threat actor “GordonFreeman” posted a listing claiming to sell access to an Air France vulnerability.
- The listing alleges the flaw provides access to an administrative (admin) panel.
- The actor claims a data extraction method that could expose approximately 2 million customer purchase records.
- Sample records referenced in the listing include data from the Flying Blue frequent flyer program.
- The incident is classified as a medium-severity data breach targeting Air France and is exposed on the open web.
DarkWebInformer.com Providing intel from some of the darkest places on the Dark Web & Clearnet. Breaches, Darknet Markets, Ransomware, Threat Alerts, & more!