INC Ransomware Gang Claims Attack on Air Côte d'Ivoire

Air Côte d'Ivoire, the national carrier of Côte d'Ivoire, confirmed a cyberattack on February 8, 2026, following claims by the INC ransomware group. 

The airline released a statement acknowledging that the breach affected parts of its information system, forcing the use of business continuity plans.

The INC ransomware gang added Air Côte d'Ivoire to its leak site, claiming to have exfiltrated 208 GB of sensitive data. The gang set a ransom deadline of February 24, 2026. According to the threat actor's claims, the compromised data includes:

• Passenger personal information
• Employee records and internal files
• Service provider documentation
• Internal information system data

The number of affected individuals is not disclosed. The airline has not confirmed the volume of data stolen. The INC ransomware group alleges they possess 208 GB of compressed files. 

The incident was reported to both the Ivory Coast Telecommunications Regulatory Authority (ARTCI) and French authorities due to the airline's partial ownership by Air France.

Air Côte d'Ivoire engaged the Côte d'Ivoire Computer Emergency Response Team (CI-CERT) and international cybersecurity experts to investigate the breach. 

The airline claims that its flight program remains stable and continues to operate under international safety standards.