[EVEREST] – Ransomware Victim: Dublin Airport

AI Generated Summary of the Ransomware Leak Page

On October 26, 2025, Dublin Airport, an international airport in Ireland operated by the Dublin Airport Authority, appeared on a ransomware leak page attributed to the Everest group. The post presents Dublin Airport as a victim of a breach and frames the incident as a data-leak event in which sensitive information has allegedly been stolen by the attackers. The description emphasizes Dublin Airport’s status as a major European hub—serving more than 180 destinations with over 40 airlines—and notes the post provides a claim URL consistent with ransomware double-extortion patterns. No explicit compromise date is stated on the leak page; as such, the post date serves as the reference timestamp for the incident. There is no specific ransom amount disclosed in the accessible content.

Regarding visuals, the leak page includes two screenshots or images intended to corroborate the attackers’ claims. The content of these images is not described in the available text. PII such as emails, phone numbers, and addresses has been redacted in this summary, while the victim name—Dublin Airport—remains. The visible content does not explicitly state whether Dublin Airport’s systems were encrypted or whether the impact is solely a data-leak scenario, and no ransom figure is provided within the post. The two images suggest the attackers supplied some form of internal material as part of their leak narrative, though the exact nature of the material is not defined in the provided data.