A threat actor has allegedly posted a massive database for sale on a dark web forum, claiming it belongs to Uzbekistan Airlines. Uzbekistan Airlines, operating as Uzbekistan Airways, is the flag carrier and national airline of the Republic of Uzbekistan. As the country’s primary airline, it handles a significant volume of domestic and international travel, making it a critical part of the nation’s infrastructure and a holder of sensitive passenger data from around the globe.
The seller claims the data dump is 300GB in size, originating from the airline’s S3 buckets and a Postgres database. The breach allegedly exposes a vast amount of highly sensitive personal and corporate information. The threat actor provided redacted images of passports from various nationalities as proof of the hack. The compromised data allegedly includes:
- Approximately 500,000 passenger emails and 400 employee emails.
- An unknown number of passport scans from at least 40 countries, including Russia, the USA, and various European and Asian nations.
- Detailed passenger information for around 400,000 individuals starting from 2025.
- Full ticketing data, including financial transaction details and partial credit card numbers.
- Corporate credentials for critical systems like Amadeus (airline software), IMAP accounts, S3, Docker, and others.
- Other personal documents such as marriage certificates, driving licenses, and birth certificates.
- Internal communications in the form of .msg files.












