Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
UN civil aviation authority ICAO has released a new update on the January cyber incident as the investigation continues.
The International Civil Aviation Organization (ICAO) has released a second update regarding the data breach it confirmed last week.
While the original leak featured more than 42,000 recruitment forms, the ICAO has now determined the exact number of individuals impacted.
“ICAO has confirmed that the reported information security incident involves approximately 42,000 recruitment application data records from April 2016 to July 2024 claimed to be released by the threat actor known as Natohub,” ICAO said in an update released on 11 January.
“After completing careful review of the data, ICAO can now confirm that 11,929 individuals are affected. ICAO is now reaching out to these individuals. Support is being provided through a dedicated mailbox, which can be reached at [email protected].”
Natohub posted the details of the hack on a popular hacking forum on 6 January, offering around 42,000 documents for sale for a few euros. The hacker also shared two sample documents, which were recruitment forms for the ICAO and included names, addresses, marital status, contact information, and emergency contact information.
Another forum member, who presumably purchased the data, suggested there were 57,240 unique emails in the data set, including 1,661 .gov.xx emails and 148 emails belonging to Australia’s .au domain.
The ICAO is headquartered in Montreal, Canada, and has 193 nations – including Australia – as members.
This is the second cyber incident the ICAO has suffered in recent years. In 2016, a Chinese-backed hacking group compromised two of the ICAO’s servers and used the compromised devices to spread malware among the agency’s members. At the time, the ICAO was accused of attempting to cover up the incident and conducting inadequate post-incident remediation.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
