Korean Air A.I CyberSecurity Scoring
Korean Air
Company Information
Website:http://koreanair.com
Employees number:3,404
Number of followers:65,163
NAICS:481
Industry Type:Airlines and Aviation
Homepage:koreanair.com
Korean Air Risk Score (AI oriented)
Between 550 and 599
Korean AirAirlines and Aviation
Updated:
11/03/2026
11/03/2026
598/1000
Very Poor
Ca
Korean Air Global Score (TPRM)
xxxx
Korean AirAirlines and Aviation
Score locked

Korean AirVery Poor
Current Score
598Ca (VERY POOR)
01000
2 incidents
-92 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
607
JUNE 2026
607
MAY 2026
604
APRIL 2026
604
MARCH 2026
601
FEBRUARY 2026
654
JANUARY 2026
649
Breach
01 Jan 2026 • Korean Air
Michelin, Oracle, Korean Air and Madison Square Garden: Michelin Confirms Data Breach Linked to Oracle EBS Attack
Michelin Data Breach in Cl0p’s Oracle EBS Cyberattack Campaign
590
CRITICAL-59
MADMICKORORA1773232260
Michelin Confirms Data Breach in Cl0p’s Oracle EBS Cyberattack Campaign
Tire manufacturer Michelin has confirmed a data breach linked to the ongoing cybercrime campaign targeting organizations using Oracle’s E-Business Suite (EBS). The Cl0p ransomware and extortion group, believed to be operated by the FIN11 threat actor cluster, exploited zero-day vulnerabilities in Oracle EBS to access sensitive data from over 100 organizations, including Michelin.
Michelin acknowledged the incident, stating that while its systems were protected by robust security measures, attackers leveraged an Oracle EBS zero-day flaw to infiltrate its network. The company reported that only a "small, localized volume of data" was compromised, with no sensitive or technical IT information affected. No ransomware was deployed, and global operations remained unaffected.
Despite Michelin’s assurance that the breach was contained, Cl0p published over 315GB of allegedly stolen files on its leak site. Metadata analysis suggests the data originated from an Oracle EBS environment. Michelin emphasized its swift response, confirming that corrective actions were taken and the vulnerability has since been patched.
This attack follows similar breaches at Madison Square Garden, auto parts supplier LKQ, the University of Phoenix, and Korean Air, all tied to the same Oracle EBS campaign. The incidents highlight the growing threat posed by sophisticated extortion groups exploiting enterprise software vulnerabilities.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
DECEMBER 2025
650
NOVEMBER 2025
772
Ransomware
21 Nov 2025 • Korean Air
Korean Air Catering & Duty-Free, Korean Air and Schneider Electric: Thousands of employees exposed as Korean Air compromised in Oracle breach
Korean Air Data Breach via KC&D Supply-Chain Attack
647
CRITICAL-125
KORKORSCH1767123879
Korean Air Employee Data Exposed in Cl0p Supply-Chain Breach
Korean Air confirmed a data breach affecting approximately 30,000 current and former employees after a supply-chain attack on its catering and duty-free subsidiary, Korean Air Catering & Duty-Free (KC&D). The incident stemmed from a critical vulnerability (CVE-2025-61882) in Oracle E-Business Suite (EBS), which the Cl0p ransomware group exploited to steal and leak nearly 500 GB of archives.
The exposed data includes full names and bank account numbers, heightening risks of identity theft and financial fraud. Other personal details, such as emails or addresses, were reportedly not compromised. KC&D was added to Cl0p’s leak site on November 21, following a pattern similar to the group’s 2023 MOVEit attack, which impacted hundreds of organizations worldwide.
The breach mirrors the MOVEit incident in scale, with dozens of global entities—including Envoy Air, Harvard University, Schneider Electric, and Barts Health NHS Trust—confirming exposure via the same EBS vulnerability. Oracle released a patch in early October after companies began receiving extortion demands from Cl0p, but the damage had already spread.
Cl0p, a Russian-linked ransomware group, has claimed responsibility for both the EBS and MOVEit attacks, targeting high-profile victims like Shutterfly, Procter & Gamble, and Community Health Systems. The group’s tactics underscore the growing threat of supply-chain attacks on enterprise software.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
OCTOBER 2025
772
SEPTEMBER 2025
772
AUGUST 2025
772
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Korean Air ??
What was Korean Air's A.I Rankiteo Cyber Score in June 2026 ??
What was Korean Air's A.I Rankiteo Cyber Score in May 2026 ??
What was Korean Air's A.I Rankiteo Cyber Score in April 2026 ??
What was Korean Air's A.I Rankiteo Cyber Score in March 2026 ??
What was Korean Air's A.I Rankiteo Cyber Score in February 2026 ??
What was Korean Air's A.I Rankiteo Cyber Score in January 2026 ??
What was Korean Air's A.I Rankiteo Cyber Score in December 2025 ??
What was Korean Air's A.I Rankiteo Cyber Score in November 2025 ??
What was Korean Air's A.I Rankiteo Cyber Score in October 2025 ??
What was Korean Air's A.I Rankiteo Cyber Score in September 2025 ??
What was Korean Air's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Korean Air's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Korean Air ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Korean Air's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?