A threat actor has allegedly breached Ryanair's internal systems, exfiltrating sensitive data including passenger compensation claims, legal correspondence, and case management records, which were subsequently leaked on cybercrime forums. The attack vector and method of initial access are not detailed in the report, and the airline has not yet confirmed the incident. No specific technical vulnerability, CVSS score, or software version information is provided, as the article focuses on the data breach event and its potential impact.
Data Security Ryanair flight compensation data purportedly pilfered, leaked April 30, 2026 Share By SC Staff (Adobe Stock) Cybernews reports that European ultra low-cost airline Ryanair had its flight compensation data proliferating across underground cybercrime forums after a threat actor claimed to have breached the airline. The threat actor allegedly had access to the airline's internal data, including emails, booking records, claim information, travel routes, and structured samples that appear to resemble records from an internal legal correspondence or case management platform. These documents contained emails, recipient details, court documents, case references, deadlines, and workflow notes that may indicate coordination of active litigation. Another sample appears to be from a legal claims management platform for Ryanair passenger compensation cases, allegedly exposing customer information, lawyer contacts, banking details, flight records, and legal case information tied to European routes. Daily Dark Web, a cybersecurity monitoring publication, initially flagged the claims when the alleged attacker posted a data sample with the listing. As of this writing, the airline has not confirmed the alleged breach . SC Staff Related Data Security Allegedly stolen Pitney Bowes data leaked by ShinyHunters SC Staff April 30, 2026 U.S. logistics technology firm Pitney Bowes had data purportedly stolen from its systems exposed by the ShinyHunters extortion group as part of its pay-or-leak attack spree, The Register reports. Network Security Microsoft to block legacy TLS connections for POP and IMAP in Exchange Online SC Staff April 29, 2026 This change means that POP3 and IMAP4 connections will require TLS 1.2 or later. Security Operations Supreme Court hears arguments on controversial geofence warrants SC Staff April 29, 2026 Geofence warrants allow law enforcement to compel tech companies like Google to provide location data for all users within a specified area and time frame. Related Events Cybercast Beyond the Hype: The Cybersecurity Trends CISOs are Keeping an Eye on in 2026 On-Demand Event Cybercast Beyond the data perimeter: Why next-generation DSPM is the foundation for modern data security On-Demand Event Virtual Conference Securing the Future of Finance: Strategies to Counter Modern Cyber Threats On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Block Cipher Byte Checksum Cipher Ciphertext Cryptographic Hash Functions Data Aggregation Decryption Digital Envelope Digital Signature You can skip this ad in 5 seconds