Korean Air — Cyber Attacks, Breaches & Threat Activity

Threat entity extracted from intelligence sources

Frequency
2
occurrences
First Seen
December 30, 2025
Last Seen
December 31, 2025

Korean Air is a organization tracked across 2 threat clusters and 2 intelligence report mentions on ThreatCluster. First observed December 30, 2025; most recent activity December 31, 2025.

Overview

Korean Air is South Korea's flag carrier and largest airline. In cybersecurity terms, it has recently suffered data exposure—user/employee PII leaked by the Cl0p extortion group—and is also listed as a victim in an Oracle E-Business Suite (ERP) breach, underscoring multi-vector risk to its IT/ERP environments and sensitive employee data.

Related Threat Clusters

Recent Intelligence Reports

  • 30,000 Korean Air Employee Records Stolen as Cl0p Leaks Data Online — Hackread · December 31, 2025
  • Latest Oracle EBS Victims Include Korean Air, University of Phoenix — Thecyberexpress · December 30, 2025

CVSS v3.1 Breakdown