Ransomware victim disclosure
← All victimsVietnam Airlines
Claimed by Shinyhunters · listed 9 months ago
Status timeline
- ListedOct 3, 2025
- Data leakeddate unknown
At a glance
- Group
- Shinyhunters
- Status
- Data leaked
- Country
- Vietnam
- Sector
- Transportation/Logistics
- Listed on leak site
- Oct 3, 2025
About the victim
AI dossier — public-source company profileVietnam Airlines is the national flag carrier of Vietnam, headquartered in Long Bien District, Hanoi. The airline operates an extensive international and domestic route network spanning Asia, Europe, and Oceania, and is a member of the SkyTeam global airline alliance. Its fleet includes wide-body and narrow-body aircraft such as the Airbus A350, Boeing 787, and Airbus A320.
- Industry
- Commercial Aviation
- Address
- 200 Nguyen Son Street, Long Bien District, Hanoi, Vietnam
- Employees
- 10000+
- Founded
- 1956
Attack summary
Severity: high — ShinyHunters is a known prolific data-exfiltration group and the disclosure is marked as data_published for a large national flag carrier, strongly implying significant passenger and operational PII has been leaked; however, no specific data inventory or volume is confirmed from the post itself.ShinyHunters claims to have exfiltrated data from Vietnam Airlines, with the disclosure status marked as data_published, indicating stolen data has been released. The specific categories of exfiltrated data are not detailed in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Passenger records
- Employee data
- Flight operations data
- Customer PII
Original description
AI-summarised, not from the leak postVietnam Airlines is the national flag carrier of Vietnam, founded in 1956. Headquartered in Long Bien District, Hanoi, the airline operates flights across Asia, Europe, and Oceania. It is a member of SkyTeam, marking its status among global standards of aviation. Its fleet includes modern aircraft such as Airbus A350, Boeing 787, and A320. The airline embodies cultural elements of Vietnam in its service.
Sources
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

