Thousands of Korean Air employees exposed in Oracle breach

Italiano

Korean Air, a major South Korean airline, has been affected by a supply-chain attack originating from Oracle, resulting in the exposure of thousands of its employees' information. The incident highlights vulnerabilities in third-party software services. Details emerged in a recent security report.

The breach at Korean Air came to light through a supply-chain attack tied to Oracle, a prominent software provider. According to reports, this cyber incident compromised sensitive data belonging to thousands of the airline's employees.

Supply-chain attacks, where hackers infiltrate a trusted vendor to reach multiple clients, have become a growing concern in the tech and aviation sectors. In this case, Oracle's systems appear to have been the entry point, allowing unauthorized access to Korean Air's employee records.

While specific details on the type of data exposed—such as personal identifiers or professional details—remain limited, the scale of the compromise underscores the risks airlines face in relying on external cloud and database services. Korean Air has not yet issued an official statement on the matter, but the event serves as a reminder of the need for robust cybersecurity measures across interconnected business ecosystems.

Experts note that such breaches can lead to identity theft, financial losses, and reputational damage for affected organizations. As investigations continue, the incident may prompt stricter audits of software suppliers in the aviation industry.

Articoli correlati

Dramatic illustration depicting the Coupang data breach, with data spilling from a cracked digital vault and investigators on scene.
Immagine generata dall'IA

Coupang data breach spanned June to November

Riportato dall'IA Immagine generata dall'IA

A massive data breach at e-commerce giant Coupang exposed personal information of 33.7 million customers from June 24 to November 8. Officials revealed the attacker exploited the company's electronic signature key, prompting a thorough government investigation. The incident has heightened public concerns over South Korea's data protection capabilities.

Alleged Chinese data breach exposes 8.7 billion records

A massive data breach in China has reportedly spilled 8.7 billion records after a gigantic database was left unlocked on the internet. The incident, detailed in recent reports, highlights vulnerabilities in data security practices. Authorities are yet to confirm the full extent of the exposure.

Hong Kong prison department's IT system hacked, 6,800 employees' data compromised

Riportato dall'IA

Hong Kong's Correctional Services Department revealed that a hacker illegally accessed its IT system on Tuesday, compromising personal data of 6,800 current and former employees. The department stated there is no evidence of data leakage so far and has notified affected individuals.

Asia

Police investigate Coupang data breach suspecting former employee

Tecnologia

Data breach exposes credit card details of over 5.6 million people

Asia

Coupang faces investigations over massive data breach

Congressional staff emails hacked in Salt Typhoon campaign

Emails of US congressional staff have been hacked as part of the Salt Typhoon campaign attributed to Chinese hackers. The incident marks another appearance by these notorious actors in targeting sensitive communications. The breach was reported on January 8, 2026.

China directs firms to halt use of US and Israeli cybersecurity software

Riportato dall'IA

Chinese authorities have instructed domestic companies to stop using cybersecurity software from more than a dozen US and Israeli firms due to national security concerns. The directive supports Beijing's drive to replace Western technology with homegrown alternatives amid intensifying tech competition with the United States. Three sources familiar with the matter said the notice was issued in recent days.

Researchers uncover leaked API keys on nearly 10,000 websites

Researchers analyzing 10 million web pages have identified 1,748 active API credentials from 14 major providers exposed across nearly 10,000 websites, including those run by banks and healthcare providers. These leaks could enable attackers to access sensitive data or gain control over digital infrastructure. Nurullah Demir of Stanford University described the issue as very significant, affecting even major companies.

Russian hackers exploit Microsoft Office vulnerability days after patch

Riportato dall'IA

Russian state-sponsored hackers quickly weaponized a newly patched Microsoft Office flaw to target organizations in nine countries. The group, known as APT28, used spear-phishing emails to install stealthy backdoors in diplomatic, defense, and transport entities. Security researchers at Trellix attributed the attacks with high confidence to this notorious cyber espionage unit.

11 marzo 2026 14:00

Google report warns of shifting cloud threat landscape

18 febbraio 2026 11:16

Dell zero-day flaw unpatched for nearly two years

09 febbraio 2026 21:38

Photo ID apps leak user data affecting over 150,000

06 febbraio 2026 18:38

Conduent data breach impacts tens of millions

23 gennaio 2026 02:03

Huge data leak exposes 149 million credentials without protection

23 dicembre 2025 15:18

Nissan says Red Hat breach affected thousands of customers

21 dicembre 2025 12:02

Chinese hackers install backdoors via Cisco email zero-day

19 dicembre 2025 11:19

Cisco email security products targeted in zero-day campaign

12 dicembre 2025 05:53

Coupang breach suspect identified amid foreign hiring scrutiny and lawsuit surge

10 dicembre 2025 07:11

North Korean hackers exploit maximum severity React2Shell flaw

 

 

 

Questo sito web utilizza i cookie

Utilizziamo i cookie per l'analisi per migliorare il nostro sito. Leggi la nostra politica sulla privacy per ulteriori informazioni.
Rifiuta