
The International Civil Aviation Organization (ICAO) is currently investigating reports of a “potential information security incident” after allegations surfaced that a significant number of its records may have been digitally compromised.
The ICAO, a specialised agency of the United Nations, has taken the situation seriously, implementing immediate security measures and launching a comprehensive probe into the matter.
Further details are expected to be disclosed following the preliminary findings of the investigation. The ICAO noted that the incident may be linked to “a threat actor known for targeting international organisations.”
The claim of a data breach was first reported on a hacker forum on 6 January, suggesting that approximately 42,000 records were stolen from the agency, Reuters reported.
ICAO has not confirmed the specifics of the data potentially involved at this early stage of their investigation.
The agency was targeted by a hack in 2016. Since then, ICAO has stated that it has enhanced its security protocols to prevent such incidents.
Aviation’s hacking record
In October 2023, Spanish carrier Air Europa suffered a cybersecurity incident affecting its payment gateway, which permitted access to the credit card information of certain customers.
The breach came merely two years after Air Europa faced a €600,000 penalty for an earlier data security incident involving customer information.
In a separate incident, the personal information of thousands of pilot candidates for American Airlines and Southwest Airlines was compromised in June 2023 following a data breach at the recruitment software firm Pilot Credentials.