A Russian-speaking cybercrime group known as Everest has claimed responsibility for a data breach involving Dublin Airport. The hackers added the organization to their leak site, alleging they accessed more than one and a half million personal records.
Dublin Airport Authority operates Ireland’s busiest airport, which serves more than 35 million passengers every year and connects to over 150 destinations across 40 airlines.
According to Everest’s post on its leak site, the stolen data includes around 1,533,900 personal records. The group alleges that the information contains full names, passenger classifications such as adult or child, frequent flyer details, ticket numbers, seat assignments, barcode formats, and device identification data related to check-in or boarding.
The post also displayed a countdown timer giving the airport five days to respond before the group threatens to release the data. At the time of writing, Everest had not released any samples or proof of the alleged breach.
Dublin Airport Authority has acknowledged awareness of the claim but stated that there is no evidence its systems were compromised. The organization has not confirmed whether the information listed by Everest is authentic.
Officials are continuing to investigate the situation, working to determine if there has been any unauthorized access or data exposure. No operational disruptions have been reported, and there are no indications that passenger services have been affected.
Everest has been active since 2021
Everest is a Russian-linked cybercrime group active since 2021. It is known for targeting large organizations, including hospitals, airlines, and financial institutions. The group uses extortion tactics, threatening to publish sensitive information if victims refuse to pay.
Cybersecurity experts note that while Everest has been involved in several confirmed breaches, the group is also known to exaggerate claims for publicity or to pressure organizations into paying. Analysts caution that not all listings on its leak site correspond to verified attacks.
Airports are frequent targets
Airports and transport authorities are attractive targets for cybercriminals because they handle vast amounts of passenger information and rely heavily on digital systems for daily operations. Even when an attack does not disrupt travel, the potential exposure of internal or customer data can lead to serious financial and reputational consequences.
Security researchers warn that organizations managing critical infrastructure must continue to improve their network defenses, enhance incident detection systems, and train staff to identify potential phishing or intrusion attempts.
As of now, no evidence has been published to confirm Everest’s claims. Dublin Airport continues to assess its systems, and Irish cybersecurity agencies are expected to assist if further information emerges.
The situation serves as another reminder that even without a confirmed breach, public claims made by extortion groups can damage trust and highlight the ongoing threat of cyberattacks on key infrastructure.