Air Côte d'Ivoire breach and the rise of aviation breaches

CybAfriqué is a space for news and analysis on cyber, data, and information security on the African continent.

HIGHLIGHTS

Air Côte d'Ivoire breach and the rise of aviation breaches

On February 8, 2026, Air Côte d’Ivoire, the national carrier and one of the country’s largest enterprises, fell victim to a ransomware attack. The company, partially owned by Air France-KLM, officially acknowledged the breach on February 20, but maintained that its flight operations remain functional despite the compromise.

The INC Ransomware group has claimed responsibility for the breach. This group has a high-profile history of international cyber-extortion, including a 2024 breach on the government of Hungary, large-scale attacks in Panama, and a breach on the Pennsylvania Office of the Attorney General.

Aviation incidents are on the rise worldwide. According to a 2025 report from Thales, ransomware attacks in the sector surged by 600% between 2024 and 2025. Just days ago, the Qilin ransomware gang claimed to have breached Malaysia Airlines. In July 2025, a breach involving a third-party contact centre exposed the personal data of approximately 5.7 million Qantas Airways customers. In May 2025, a significant incident took down South African Airways' website, mobile app, and internal booking systems for several days. In June 2025, Canadian carrier WestJet suffered a digital infrastructure intrusion that disrupted its mobile app and internal communications, attributed to the group Scattered Spider.

While the INC Ransom group has a long history of disrupting systems across the U.S. and Europe, this incident marks their first major recorded attack in Africa.

The group has demanded an undisclosed ransom, setting a deadline of February 24 and threatening to release 208 GB of sensitive data, allegedly containing information on third-party service providers, passenger manifests and details, and internal employee records. 

Air Côte d’Ivoire stated they are conducting a formal investigation and are coordinating with the relevant authorities to mitigate the damage.

Africa joins statement against AI deepfakes

On February 23, 2026, 61 data protection authorities (DPAs) released a Joint Statement on AI-Generated Imagery via the Global Privacy Assembly (GPA). The statement warned AI companies to stop the unauthorised depiction of real people. It follows a month of chaos where Elon Musk’s Grok AI was used to flood the internet with millions of non-consensual deepfakes. This "pornification" scandal led to Police Raids in France, bans in Malaysia and Indonesia, and fine threats in the U.K. 

Regulators from Nigeria, Ghana, Kenya, Mauritius, and Burkina Faso joined the coalition. 

FEATURES

• Investigation: Russian spy agency takes over Wagner operations in Africa

• On the front lines of cybercrime

HEADLINE

• INTERPOL operation Red Card 2.0 arrests 651 in African cybercrime crackdown

• Lawyer to sue Safaricom for Sh200mn after court acquits student in misinformation case

• India, Italy, and Kenya Partner to Drive Sovereign AI Adoption Across Africa

• Ghana Internet Safety Foundation honoured by cyber security authority

• Gambia sends mobile biometric passport team to Spain under amnesty programme

• Ghana and Nigeria to tackle cybercrime through bilateral cooperation

• ODPC engages Kenya Privacy Professionals on compliance and data governance

• Data protection laws alone can’t end cybercrime

• South Sudan’s new cybersecurity law alarms journalists

• Uganda’s data regulator orders Meta, WhatsApp LLC to comply with the country’s cross-Border data transfer rules

ACROSS THE WORLD

• EU and India launch online hub for ICT professionals to address labour shortages in Europe; ICMPD to implement the project

• Inside cyber-scam factories trapping Indians in Southeast Asia

• Abu Dhabi finance week data leak exposes passports of global leaders, investors

• FICOBA data breach affects 1.2 million French bank accounts

OPPORTUNITIES

• International conference on financial cryptography and data security. (ICFCDS)

• World conference on cyber security and ethical hacking (WCCSEH)

• FrontLine Defenders is recruiting

See you next week.