A threat actor claims to have breached Jazeera Airways (jazeeraairways.com), a Kuwaiti low-cost airline. The actor alleges the data contains 15 million passenger records spanning from 2020 to 2023 and is offering it for sale.
According to the actor, the compromised data includes a vast amount of personally identifiable information (PII). Screenshots provided as proof suggest the leak originates from the airline’s database tables and includes the following data types:
- Full names
- Date of Birth (DOB)
- Gender
- Nationality and country of residence
- Email addresses
- Physical addresses
- Passenger IDs and Booking IDs
- Hashed passwords (potentially for agents or employees)
