1 min

LockBit leaks 8,000 French passports

In mid-May, 2023, the Russian cybercriminal group hacked the Voyageurs du Monde travel agent, who refused to pay the ransom

Antifraud action - June 19, 2023

On May 30, 2023, Lockbit, the Russian ransomware gang, published data stolen from Voyageurs du Monde on its darkweb site. On the night of the 15th to the 16th of May, 2023, a cyberattack hit the travel agency, which spotted the incident and alerted the CNIL (French data protection authority). Voyageurs du Monde then refused to pay the ransom, triggering the leak.

Cybersecurity expert Julien Métayer (aka Kermit) examined the archive published by LockBit. It is believed to contain the passports of over 8,000 French customers, along with their phone numbers and addresses. The researcher also identified “a number of other customer information,” as well as “corporate documents like service provider contracts”.

In regard to these passports, Voyageurs du Monde stated in a press release that they were “photocopies of passports collected optionally at the request of [its] customers”. The travel agent added they did not have the biometric data for the passports, which guarantees their safety.

Send this to a friend