The Everest ransomware group claims to have breached Air Miles España, S.A, the company behind the popular Spanish loyalty program Travel Club. The group has listed the company on their data leak site, threatening to release the stolen information within six days if their demands are not met. The threat actors allege they have exfiltrated 131 GB of internal company data, which they describe as containing “more than several millions of personal data” belonging to clients.
According to the sample files and screenshots provided by the Everest group, the compromised database appears to contain extensive customer relationship management (CRM) and marketing data. The allegedly compromised data includes:
-
Full names
-
Email addresses
-
Account IDs and Subscriber keys
-
Dates of birth and gender
-
Account balances (Points/Saldo)
-
Registration and activity dates
-
Physical addresses (implied by account data structures)
-
Sponsor and partner transaction logs
-
Internal company documents and segment classification data












