Ransomware victim disclosure
← All victimsKIU System Solutions
Claimed by Apos · listed 1 year ago
Status timeline
- ListedMar 17, 2025
- Data leakeddate unknown
At a glance
- Group
- Apos
- Status
- Data leaked
- Country
- Argentina
- Sector
- Technology
- Listed on leak site
- Mar 17, 2025
About the victim
AI dossier — public-source company profileKIU System Solutions is an airline technology company founded in 2005 that provides integrated software solutions for the aviation industry, including GDS (Global Distribution System), PSS (Passenger Service System), e-commerce platforms, loyalty programs, and AI-powered customer support tools. Headquartered in Montevideo, Uruguay, they serve airlines and travel agencies across 80+ countries.
- Industry
- Airline Technology & Travel Distribution Systems
- Address
- 2141, 12th Floor, Office 1207, Montevideo, Uruguay 11800
- Founded
- 2005
Attack summary
Severity: high — Confirmed data exfiltration by established ransomware group against critical airline infrastructure provider serving 45,000+ agencies globally. Potential exposure of customer PII, payment data, and sensitive operational information for airlines and travel agencies.The APOS ransomware group claims to have compromised KIU System Solutions and exfiltrated data. The group lists the victim with a purported ransom demand of $23.4 million USD, though no specific details on attack method or data types are disclosed in the post.
Data the group says was taken
AI dossier — extracted from the leak post- customer databases
- airline operational data
- travel agency information
- passenger records
- payment/transaction data
What the group claims
🌐 kiusys.com💲 23400000📍 Paraguay
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

