Hackers say they’ve breached Cyprus Airways systems and accessed full passenger data, including names, emails, and travel histories—claiming they still have live system access.
Hackers Claim 41GB Data Theft from Cyprus Airways, Including Passenger Travel Records
Hackers have allegedly breached Cyprus Airways, the national flag carrier of Cyprus, stealing 41 gigabytes of passenger and staff data. According to a post on a popular data leak forum, the attackers claim they can still access the airline’s systems and view real-time flight activity, including arrivals and departures.
The breach reportedly includes a wide range of sensitive data, such as:
- Names and surnames
- Email addresses
- Travel dates and itineraries
- Phone numbers
- Document details
- Payment amounts
Cybernews reached out to Cyprus Airways for comment but had not received a response at the time of writing.
Data Samples Appear Authentic, Some Dated as Recently as June 3
A sample of the stolen data was reviewed by Cybernews researchers, who found it appears authentic. The exposed records include information belonging to both passengers and employees. Some of the data points are as recent as June 3, 2025, suggesting ongoing access or very recent compromise.
The stolen records match the type of data collected by airline ticketing systems, leading researchers to believe that the attackers likely gained access to Cyprus Airways’ ticket management platform. While financial data such as payment card details was not part of the sample reviewed, attackers now possess full passenger profiles.
Threats from Breach Go Beyond Data Loss
If the breach is confirmed, the stolen data could be used for a range of malicious purposes. Criminals may leverage the information to carry out:
- Phishing campaigns targeting customers using travel and identity details
- Identity theft through forged documents or impersonation
- Fraudulent transactions by impersonating victims to banks or service providers
- Physical security risks, such as identifying empty homes based on travel dates
The threat is compounded by the attackers’ claim that they still have access to Cyprus Airways’ systems.
“We still see their arrivals and departures live,” the post reads.
Cyprus Airways Joins Growing List of Airline Cyberattack Victims
Cyprus Airways was relaunched in 2016 under Charlie Airlines after the original company was dissolved. Headquartered in Nicosia, the airline operates six aircraft and services 19 destinations across Europe and the Middle East.
Airlines have increasingly become targets for cybercriminals due to the volume and sensitivity of personal data they store. Recent high-profile incidents include:
- Elit Avia, a private jet operator, appearing on a ransomware group’s leak site
- Air Europa, breached for credit card data
- Air Canada, targeted by ransomware group BianLian
- Delta Airlines, impacted via a third-party breach alongside Amazon, HP, and Lenovo
- Scandinavian Airlines, taken offline by Russian hackers in 2023, disrupting booking systems
This ongoing trend highlights the airline industry’s exposure to cyber risk and the urgent need for stronger cybersecurity protections.
