Ransomware victim disclosure
← All victimsAir Arabia
Claimed by Everest · listed 9 months ago
Status timeline
- ListedOct 25, 2025
- Data leakeddate unknown
At a glance
- Group
- Everest
- Status
- Data leaked
- Country
- UAE
- Sector
- Transportation/Logistics
- Listed on leak site
- Oct 25, 2025
About the victim
AI dossier — public-source company profileAir Arabia is the Middle East and North Africa's first and largest low-cost carrier, headquartered at Sharjah International Airport in the UAE. The airline operates scheduled services to over 170 destinations across the Middle East, North Africa, Europe, and Asia. It is a publicly listed company on the Abu Dhabi Securities Exchange.
- Industry
- Low-Cost Airline / Aviation
- Address
- Air Arabia Building, Sharjah International Airport, Sharjah, UAE
- Employees
- 3000-5000
- Founded
- 2003
Attack summary
Severity: high — Air Arabia is a major publicly listed airline with significant passenger PII, financial, and operational data. The disclosed status is 'data_published', indicating confirmed exfiltration and release, but the lack of specifics in the post prevents escalation to critical without evidence of regulated data at scale.The Everest ransomware group claims an attack on Air Arabia and has listed the disclosure status as data_published, suggesting exfiltration and publication of company data, though the truncated leak post provides no specific details on the nature or volume of data released.
Original description
AI-summarised, not from the leak postAir Arabia is a low-cost airline that started its operations in 2003, based in Sharjah, United Arab Emirates. The company offers flights to over 170 destinations across the Middle East, North Africa, Asia, and Europe. Apart from passenger transportation, Air Arabia also has diversified into travel management, tourism, and hospitality through various subsidiaries. It operates a fleet of Airbus A320 aircraft. It's the first publicly listed airline in the Middle East, priding itself on being a profitable venture since the second year of its operation.
The leak post
captured from the group's site© 2026, All rights reserved Citizens Bank - Database Leaked Evaluate a Norstella company - Database Leaked Studio Marchi - Studio Professionale Associato - Database Leaked Super AI - Database Leaked Complete Aircraft Group - Database Leaked Umiles Group - Database Leaked K Subsea Group - Database Leaked Parque Eólico Toabré - Database Leaked PT Brantas Abipraya - Database Leaked Straight Line Logistics - Database Leaked First Priority Group - Database Leaked Hyundai Elevator - Database Leaked UD Trucks - Database Leaked McDonalds India - Database Leaked Tsunami Tsolutions - Database Leaked Atlas Air: MUSE INSECURE - Database Leaked Iron Mountain - Database Leaked Hosowaka Micron Group - Database Leaked Shinwa Co Ltd - Database Leaked SIGMA Processing Group - Database Leaked Acu Trans Solutions LLC - Database Leaked GIBSIN Engineers - Database Leaked ASRock Rack - Database Leaked Reeves Information Technology - Database Leaked WANCHI STEEL INDUSTRIAL - Database Leaked GC Accounting - Database Leaked National Money Mart Company - Database leaked Virginia Records - Database Leaked Morgan Records Management - Database leaked ELC Electroconsult SpA - Databas…
Sources
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

