Ransomware Hits Antaeus Travel Group: 50GB of Data Stolen by Blackout

Incident Date: Aug 22, 2024

Attack Overview
VICTIM
Antaeus Travel Group
INDUSTRY
Hospitality
LOCATION
USA
ATTACKER
Blackout
FIRST REPORTED
August 22, 2024

Ransomware Attack on Antaeus Travel Group by Blackout

Antaeus Travel Group, a multinational travel management company with over 35 years of experience in the marine and corporate travel sectors, has recently fallen victim to a ransomware attack orchestrated by the Blackout group. The attack has been publicly claimed on Blackout's dark web leak site, highlighting the growing threat of ransomware in the hospitality sector.

About Antaeus Travel Group

Established in 1988, Antaeus Travel Group operates offices in Athens, Basel, Limassol, Manila, and Miami. The company specializes in a range of travel management services, including marine, offshore, business, leisure, and VIP travel. Known for its tailored travel solutions, Antaeus serves over 300 corporate and marine customers, providing services such as hotel bookings, flight arrangements, visa processing, and event planning. The company emphasizes technology, utilizing a digital travel management platform to integrate travel coordinators, travelers, and advisors into a single system.

Attack Overview

The ransomware attack on Antaeus Travel Group has resulted in the exfiltration of 50 GB of sensitive data, including client and employee databases, scans of passports and visas, and various office documents. The ransom deadline has been set for August 28, 2023. The attack has raised significant concerns about the security of sensitive travel data and the potential impact on the company's operations and reputation.

About Blackout Ransomware Group

Blackout is a relatively new ransomware group that has quickly gained notoriety for its double-extortion tactics. The group encrypts files and exfiltrates sensitive data, using the threat of public exposure to pressure victims into paying the ransom. Blackout's previous targets include the Centre Hospitalier d'Armentières in France and Groupe M7 in Quebec, indicating a pattern of targeting organizations with valuable data.

Potential Vulnerabilities

Antaeus Travel Group's reliance on digital platforms and the handling of sensitive travel data make it a prime target for ransomware attacks. The integration of various travel management services into a single digital system, while efficient, also presents potential vulnerabilities that threat actors like Blackout can exploit. Ensuring strong cybersecurity measures and regular system audits are crucial for protecting against such sophisticated attacks.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.