Korean Air KC&D: Supply Chain Breach and the Data That Never Left cover art

Korean Air KC&D: Supply Chain Breach and the Data That Never Left

Korean Air KC&D: Supply Chain Breach and the Data That Never Left

Listen for free

View show details

About this listen

 EPISODE DESCRIPTIONIn this episode of The AI Governance Briefing, Dr. Tuboise Floyd breaks down the Korean Air / KC&D supply chain breach — a forensic autopsy of what happens when data governance doesn't travel with the data.In December 2025, Korean Air disclosed that 30,000 employee records were stolen. The breach didn't come through Korean Air's systems. It came through KC&D Service — a catering subsidiary spun off and sold to private equity in 2020. Five years later, KC&D was still holding Korean Air employee data on an unpatched Oracle ERP server. The Cl0p ransomware group exploited CVE-2025-61882 — CVSS 9.8 — and published 500GB on a dark web leak site.Six TAIMScore™ controls failed simultaneously. Three domains. All because the data moved out of sight — not out of risk.This is a Failure File™. Not a warning. A forensic record.──────────────────────────────────────KEY TOPICS──────────────────────────────────────∙ Supply chain governance and third-party vendor risk∙ What happens when a divestiture doesn't include data governance∙ The Oracle EBS zero-day and its 100+ organizational victims∙ TAIMScore™ forensic: GOVERN, MAP, and MANAGE domain failures∙ The one question every institution needs to ask today──────────────────────────────────────FRAMEWORKS REFERENCED──────────────────────────────────────→ Failure Files™ — humansignal.io/failure-files→ TAIMScore™ Assessor Workshop — humansignal.io/taimscore_assessor_workshop→ GASP™ (Governance As a Structural Problem) — humansignal.io/frameworks/gasp→ The Trust Gap — humansignal.io/frameworks/trust-gap→ L.E.A.C. Protocol™ — humansignal.io/leac-protocol──────────────────────────────────────SUPPORT THE SHOW──────────────────────────────────────Subscribe now to lock in the feed. This isn't just content — it's a continuing briefing for the Builder Class.Help fuel independent AI governance research, new episodes, and the Failure Files™ series.🔗 https://theaigovernancebriefing.com/supportEvery contribution sustains the signal.──────────────────────────────────────ABOUT THE HOST──────────────────────────────────────Dr. Tuboise Floyd is the Founder and Chief Sensemaking Officer of Human Signal — an independent AI governance research and media platform based in Washington, DC. He is the Editor in Chief of The AI Governance Record, Host of The AI Governance Briefing, and a TAIMScore™ Certified Assessor (HISPI, March 2026).A PhD social scientist (Auburn University, Adult Education / Systems Theory), Dr. Floyd reverse-engineers institutional AI failures and builds governance frameworks that operators can actually use. His canonical thesis: most institutions will not fail because of a bad AI model. They will fail because of a broken governance structure around it.Independence is not a feature. It is the product.──────────────────────────────────────PRODUCTION NOTES──────────────────────────────────────Host & Producer: Dr. Tuboise FloydCreative Director: Jeremy JarvisA Human Signal ProductionRecorded with true analog warmth. No artificial polish, no algorithmic smoothing. Just pure signal and real presence for leaders who value authentic sound.──────────────────────────────────────CONNECT──────────────────────────────────────Website: humansignal.ioPodcast: theaigovernancebriefing.comLinkedIn: linkedin.com/in/drtuboisefloydEmail: tuboise@theaigovernancebriefing.comGeneral inquiries: hello@theaigovernancebriefing.com──────────────────────────────────────TRANSCRIPT──────────────────────────────────────Full transcript available at:https://theaigovernancebriefing.com/blog──────────────────────────────────────LEGAL──────────────────────────────────────© 2026 Dr. Tuboise Floyd. All rights reserved. Content is part of ...
No reviews yet