The International Civil Aviation Organization (ICAO), the UN’s aviation agency, experienced a data breach compromising approximately 42,000 job applicant records from April 2016 to July 2024. The leaked data includes names, email addresses, dates of birth, and employment history but excludes financial details, passwords, or passport information.
A threat actor known as “Natohub” claimed responsibility for the breach. ICAO assured that the incident is confined to its recruitment database, with no impact on aviation safety or security systems. An investigation is underway, alongside efforts to strengthen security and notify affected individuals.
This marks ICAO’s second known cyberattack, following a 2016 incident. The breach raises concerns about cybersecurity measures and risks to affected individuals, such as phishing or identity theft. Despite improvements since the prior attack, ICAO faces questions about its system vulnerabilities and reputation
Leave a Reply