Keypoints
- Korean Air’s employee data was leaked following an attack on its former subsidiary, KC&D.
- The Clop ransomware group claimed responsibility, linking the breach to its ongoing exploits of Oracle EBS zero-days.
- The attack was part of Clop’s broader campaign exploiting vulnerabilities across multiple organizations.
- Korean Air has taken security measures, reported the incident to authorities, and is investigating the breach.
- Clop has previously targeted high-profile organizations like Shell, British Airways, and academic institutions.