UN aviation agency ICAO looking into security incident
The International Civil Aviation Organization (ICAO), a United Nations (UN) agency that diplomatically and technically helps 193 countries to share their skies, is actively investigating reports of a potential security incident.
According to the aviation agency, the security incident is potentially linked to a threat actor that is known for targeting international organizations.
“ICAO can now confirm that the reported information security incident involves approximately 42,000 recruitment application data records from April 2016 to July 2024 claimed to be released by the threat actor known as Natohub,” the organization says in a press release.
The attacker might be in possession of personal information that applicants entered in ICAO’s computer systems, including full names, email addresses, dates of birth, and employment history. The compromised data does not include sensitive information like financial information, passwords, passport details, or any document that applicants have uploaded.
The UN aviation agency can confirm the incident is limited to the recruitment database and hasn’t affected other systems related to aviation safety or security operations.
“Our investigation and response efforts continue, and we have implemented additional security measures to protect our systems. We are also working to identify and notify affected individuals,” ICAO says.
“At this early stage of our investigation, we cannot provide additional details about the incident or confirm specific claims about the data potentially involved,” an ICAO spokesperson told Reuters. The organization promises to post updates as the investigation continues.
In a posting on a popular hacking forum on the dark web, Natohub claims to have stolen 42,000 documents of user data.
This includes first and last names, dates of birth, gender, marital status, country, postal addresses, cities, states, zip codes, phone numbers, primary and secondary email addresses, education information, and employment information.
Your email address will not be published. Required fields are marked