[EVEREST] – Ransomware Victim: Dublin Airport DataBase on sale for $1 Million

AI Generated Summary of the Ransomware Leak Page

On October 26, 2025, a leak page identifies the victim as Dublin Airport DataBase on sale for $1 Million. The posting situates this dataset within the Transportation/Logistics sector and ties it to Ireland. The page presents the incident as a data-leak event rather than an encryption incident, stating that the Dublin Airport database has been exfiltrated and is being offered for sale for one million dollars. A claim URL is indicated on the page for readers to pursue further claims or negotiations. No explicit compromise date is provided beyond the post date, which is the date here used as the post date. The page features two images that appear to be navigation controls (likely prev/next) rather than substantive document content, and these images are hosted on onion service addresses with the URLs defanged in this report. Personal data such as emails, phone numbers, and addresses are redacted, while the victim name remains visible. There are no listed downloads or files directly accessible on the page.

The page’s framing and the inclusion of a sale price imply a ransomware-style data-leak extortion approach—presenting the stolen Dublin Airport data as a commodity and threatening its public release or sale for a set price. The presence of a claim URL suggests additional detail or negotiation terms may exist off-page, but no actual data samples or attachments are shown in the provided data. With two images serving as navigational elements rather than standalone content, the page emphasizes the price tag and the claimed exfiltration, rather than offering verifiable sample data on the leak itself. This underscores the risk to critical transportation infrastructure and highlights the importance of monitoring for exfiltration activity and strengthening data defenses within Ireland’s aviation sector.