Mexican airport operator purportedly breached by RansomHub

Mexico's Grupo Aeroportuario del Centro Norte or OMA, which operates more than a dozen airports in the country, was claimed to have been compromised by the RansomHub ransomware operation, which warned exposing 3 TB of data should the organization refuse to pay the demanded ransom, reports The Record, a news site by cybersecurity firm Recorded Future.

Investigation into the attack, which prompted the activation of backup systems to ensure the continued operations of northern and central Mexico airports, was already disclosed by OMA, which did not confirm RansomHub's assertions. "We have gradually restored certain services while continuing to collaborate with cybersecurity experts to safeguard the integrity of our systems. As of today, we have not identified a material adverse impact on the Company's operations and financial position, though we are closely monitoring the situation and assessing any possible continued effects," said OMA. Such a development comes after RansomHub was noted by Microsoft to be among the dominant payloads leveraged in ransomware attacks.