Daily Dark Web
  • Home
  • Data Breaches
  • Inside the Adversary
    • Dark Web Informants
  • DDW Top Lists
  • Ransomware News
  • DarkWeb News
    • Vulnerability
    • Cyber Attacks
  • Unauthorized Accesses
  • About Us
No Result
View All Result
  • Home
  • Data Breaches
  • Inside the Adversary
    • Dark Web Informants
  • DDW Top Lists
  • Ransomware News
  • DarkWeb News
    • Vulnerability
    • Cyber Attacks
  • Unauthorized Accesses
  • About Us
No Result
View All Result
Daily Dark Web
No Result
View All Result
Home Ransomware News

Everest Ransomware Attack Hits Iberia Airlines and National Money Mart

November 26, 2025
Reading Time: 2 mins read
Everest Ransomware Attack Hits Iberia Airlines and National Money Mart

The Everest ransomware group has claimed responsibility for breaching two major organizations in the aviation and financial sectors. The group, known for its double-extortion tactics, has listed these entities on its leak site and is threatening to release sensitive internal data.

This activity follows the group’s high-profile involvement in the Collins Aerospace breach last month. For context on the group’s operations and motives, you can read our previous coverage here:  Exclusive: Everest Ransomware Group Interview on Collins Aerospace Breach

The latest list of alleged victims posted by the group includes:

  • Iberia Airlines (🇪🇸): The flag carrier airline of Spain. The threat actors claim to have exfiltrated 596 GB of internal company data, demanding a price of $6 million to prevent the leak.

  • National Money Mart Company (🇺🇸 🇨🇦): A financial services company providing check cashing and payday loans, primarily operating in the USA and Canada. The group claims to have accessed over 80,000 files from the company’s internal database.

According to the actor, the allegedly compromised data includes:

Iberia Airlines:

  • Passenger full names and dates of birth

  • Email addresses and phone numbers

  • Emergency contact information

  • Frequent flyer program details

  • Ticket numbers and booking structures

  • Special needs and preferences (meal requests, seat selection)

  • Internal booking and transaction logs

National Money Mart Company:

  • Full names and physical addresses

  • Dates of birth

  • Social Security Numbers (SSI) and Driver’s License numbers

  • Credit card account numbers and limits

  • Financial transaction logs and purchase orders

  • Employee names, email addresses, and employment history

  • Internal administrative codes and system profile data

Tags: Aviation Securitycyberattackdark webdata-breachEverest Ransomware GroupFinancial ServicesIberia AirlinesNational Money Mart CompanyPII Leakransomware
ShareTweet

Related Posts

Qilin Ransomware: Inspira, Muller, A&A, Longwood, Exclusive, Istarpal
Ransomware News

Qilin Ransomware: Inspira, Muller, A&A, Longwood, Exclusive, Istarpal

April 27, 2026
Narteks Tekstil A.S. Suffers Krybit Ransomware Attack
Ransomware News

Narteks Tekstil A.S. Suffers Krybit Ransomware Attack

April 27, 2026
Synmosa Biopharma Hit by Dragonforce Ransomware Attack
Ransomware News

Synmosa Biopharma Hit by Dragonforce Ransomware Attack

April 27, 2026
K2 Electric Inc Targeted in Genesis Ransomware Attack
Ransomware News

K2 Electric Inc Targeted in Genesis Ransomware Attack

April 22, 2026
Rutan & Tucker Law Firm Suffers Data Breach by Silentransomgroup
Ransomware News

Rutan & Tucker Law Firm Suffers Data Breach by Silentransomgroup

April 22, 2026
Qilin Breach: Sea Air, Kolin, INDCAR, PTS, Huonker, Ferguson, SEL, Sterimed, Avitrans, Rusk
Ransomware News

Qilin Breach: Sea Air, Kolin, INDCAR, PTS, Huonker, Ferguson, SEL, Sterimed, Avitrans, Rusk

April 22, 2026
Next Post
Kids & Company Hit by Sinobi Ransomware Attack

Kids & Company Hit by Sinobi Ransomware Attack

Qilin Ransomware Lists 14 New Victims: Education, Health, & Industry

Qilin Ransomware Lists 14 New Victims: Education, Health, & Industry

Recommended Stories

ShinyHunters Breaches Harvard and UPenn: Millions of Records Exposed

ShinyHunters Breaches Harvard and UPenn: Millions of Records Exposed

February 4, 2026
ISSP.org Data Breach Exposes 7.3 Million Records

ISSP.org Data Breach Exposes 7.3 Million Records

October 24, 2025
IntelBroker Allegedly Offers Unauthorized PAuth-SMTP Access to One of The World’s Largest Cybersecurity Companies

IntelBroker Allegedly Offers Unauthorized PAuth-SMTP Access to One of The World’s Largest Cybersecurity Companies

May 8, 2024

Popular Stories

  • SudamericaData Breach Exposes Over 1TB of Argentine Records

    SudamericaData Breach Exposes Over 1TB of Argentine Records

    0 shares
    Share 0 Tweet 0
  • Threat Actor Claims Sale of Dell Database Containing 49 Million Customer Records

    0 shares
    Share 0 Tweet 0
  • SUUMO, CHINTAI, At Home, HOME’S Suffer Data Breach

    0 shares
    Share 0 Tweet 0
  • Financial Tech Giant SilverLake Axis Allegedly Breached – 423GB of Data for Sale

    0 shares
    Share 0 Tweet 0
  • Telekom Serbia Investigates Leak of 160,000 Customer Records

    0 shares
    Share 0 Tweet 0
Daily Dark Web

Disclaimer: Daily Dark Web (DDW) is an independent media platform providing information, analysis, and reporting on cybersecurity, cyber incidents, and related digital developments. All content published on this website is for informational and journalistic purposes only. DDW does not support, endorse, or promote any illegal activities, threat actors, or organizations referenced in its content. Any statements, claims, or opinions expressed by third parties, including interview subjects, are their own and do not reflect the views of DDW. Such content may include unverified information and should be interpreted critically. DDW does not participate in, facilitate, or coordinate any activities discussed or referenced on this platform. Under no circumstances should any content be interpreted as encouragement, instruction, or endorsement of unlawful actions. All interactions and publications are conducted in the public interest to enhance awareness and understanding of the evolving cyber landscape.

No Result
View All Result
  • About Us
  • Home
  • Newsletter
  • Privacy Policy

Disclaimer: Daily Dark Web (DDW) is an independent media platform providing information, analysis, and reporting on cybersecurity, cyber incidents, and related digital developments. All content published on this website is for informational and journalistic purposes only. DDW does not support, endorse, or promote any illegal activities, threat actors, or organizations referenced in its content. Any statements, claims, or opinions expressed by third parties, including interview subjects, are their own and do not reflect the views of DDW. Such content may include unverified information and should be interpreted critically. DDW does not participate in, facilitate, or coordinate any activities discussed or referenced on this platform. Under no circumstances should any content be interpreted as encouragement, instruction, or endorsement of unlawful actions. All interactions and publications are conducted in the public interest to enhance awareness and understanding of the evolving cyber landscape.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?