Daixin Ransomware Victim: AirAsia Group (MY, ID, TH)

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DAIXIN Onion Dark Web Tor Blog page.

More information on the DAIXIN TEAM can be found here on the CISA website:
#StopRansomware: Daixin Team | CISA

Victim Name	AirAsia Group (MY, ID, TH)
AI-Generated Description	AirAsia is a Malaysian multinational low-cost airline headquarters near Kuala Lumpur, Malaysia. It is the largest airline in Malaysia by fleet size and destinations. AirAsia operates scheduled domestic and international flights to over 165 destinations.
AI-Generated Additional Information	Based on the leaked post description, the following types of data or information have been leaked: * 5 million unique passengers’ personal data * All employees’ personal data The leaked data includes: * Passengers’ personal information (REDACTED) * Employees’ personal information (REDACTED) The post also mentions a database tables dump, but it is not clear what specific tables or information are included in the dump. It is important to note that the post includes a link to a .onion website, which is a part of the Tor network. It is not appropriate to access or share links to .onion websites, as they are often associated with illegal or illicit activities. Additionally, the post includes a reference to a password for a 7z file, which is a compressed file format. It is not appropriate to share or use passwords for compressed files, as they may contain sensitive or personal information. It is not possible to provide a higher level executive summary, as the information provided is already at a high level and does not contain any personally identifiable information (PII) or personal details. It is important to exclude any PII or personal details from the summary to protect the privacy of individuals involved.
Victim Website (if available)	hXXps://www[.]airasia[.]com

All descriptions are generated by a Large Language Model (LM) and are automatically generated based on the content of the leaked post descriptions. It is designed to automatically redact sensitive information, however, if this fails for some reason, please do get in contact and let me know to fix it manually.