TZUTC: -0500   
   MSGID: 2087.consprcy@1:2320/105 2de770dc   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
   Russian ransomware hackers allegedly hit Tulsa airport in cyberattack, dump   
   private files online as proof   
      
   The infamous Qilin group strikes again   
      
   Russian ransomware operators Qilin have claimed to have broken into the Tulsa   
   International Airport and stolen an unspecified amount of sensitive company   
   data.   
      
   A report from Cybernews says the group recently added the airport to their data   
   leak site, and included 18 samples as proof of their claims.   
      
   The researchers analyzed the samples, finding it included C-suite emails, as   
   well as email correspondence between executives and "high-level banking   
   officials" outside the airport. The data also apparently includes copies of   
   employee IDs, driver's licenses, and passports, but also annual budget and   
   revenue spreadsheets, confidentiality and non-disclosure agreements, telehealth   
   reports, governance meeting minutes, insurance documents, banking   
   communications, tenant databases, vendor revenue sheets, and court case   
   documents.   
      
   Who is Qilin?   
      
   Cybernews did not confirm or deny the authenticity of the samples that were   
   posted, but said that they dated between 2022 and 2025, which would make them   
   rather fresh and useful to criminals.   
      
   The Tulsa International Airport in Oklahoma is a mid-size commercial airport   
   that handles about 80 flights a day, to more than 20 domestic destinations.   
   Carriers include Southwest, American, Delta and United, and the airport serves   
   more than 3 million passengers a year.   
      
   It supports a regional aviation ecosystem with thousands of employees across   
   airlines, airport operations and on-site aerospace firms, contributing to an   
   estimated 40,000 jobs and roughly $6 billion in annual economic impact for the   
   area.   
      
   Qilin was first spotted four years ago and has since moved up the ranks to   
   become one of the biggest ransomware threats in 2026, allegedly successfully   
   breached more than 1,000 organizations in 2025.   
      
   It is a Russian-speaking ransomware-as-a-service (RaaS) with numerous   
   affiliates, whose identities are not known at this time. The airport is yet to   
   make an official statement on the attack.   
      
   FULL STORY:   
      
   https://www.techradar.com/pro/security/russian-ransomware-hackers-allegedly-hit   
   -tulsa-airport-in-cyberattack-dump-private-files-online-as-proof   
      
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: Capitol City Online (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 134 206 300 307 317 400 426 428 470   
   SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12 5075/35   
   PATH: 2320/105 229/426