53/68 Friday, February 7, 2025
The International Civil Aviation Organization (ICAO) is urgently investigating a data breach that has impacted its systems and employee security. In its latest statement, ICAO confirmed reports of a potential security incident linked to a threat group known for targeting international organizations. The breach came to light after a post on a well-known hacker forum claimed access to 42,000 ICAO documents, including personally identifiable information (PII) of job applicants from 2016 to 2024. The stolen data includes names, email addresses, birthdates, and employment history.
Following a detailed investigation, ICAO confirmed that 11,929 individuals have been affected. The organization is actively notifying impacted individuals and implementing measures to address the issue. Cybersecurity experts indicate that the attack was executed through an SQL Injection vulnerability in a web application, allowing hackers to extract employee and member data. The compromised data includes records from key aviation regulatory bodies, such as the Saudi Arabian Aviation Investigation Office and the Jordan Civil Aviation Regulatory Commission, affecting aviation safety experts and incident investigators.
This incident underscores the rising cybersecurity risks faced by international aviation organizations, with potential motives extending beyond financial gain to espionage and intelligence gathering. The leaked data was reportedly published on the Dark Web on February 4, 2024, raising concerns about future targeted cyberattacks. The breach highlights the urgent need to strengthen the security of critical aviation infrastructure and protect sensitive organizational data in an era of increasingly sophisticated cyber threats.
