Thousands of records have been compromised after the recruitment database of the United Nation’s aviation agency was breached.
The Canada-based International Civil Aviation Organization (ICAO) admitted that it was investigating a potential breach yesterday but has now released some details.
The scale of this breach, though, is tiny compared to some of the cyberattacks that have hit private companies. In the last year alone, Comcast, Dell, and Dropbox have had to hold their hands up and admit hackers have accessed their data.
What Data Has Been Exposed?
The organization oversees the aviation relationships between 193 countries. It has confirmed that job applicants’ names, email addresses, dates of birth, and employment history are among the details that have been stolen.
“The affected data does not include financial information, passwords, passport details, or any documents uploaded by applicants.” – ICAO spokesperson
This just in! View
the top business tech deals for 2025 👨💻
It sent a statement to TechCrunch confirming the incident, relaying: “ICAO can confirm that the reported information security incident involves approximately 42,000 recruitment application data records from April 2016 to July 2024 claimed to be released by the threat actor known as Natohub.”
Who Is the Hacker?
The hacker goes by the alias of Natohub and had announced their victory at the weekend on a cybercrime forum. They are also now selling data for nominal fees.
ICAO said in a statement that the hacker is “a threat actor known for targeting international organizations.”
What Action Is Being Taken?
The ICAO is being tight-lipped and promises more information after its investigation is complete. However, it did say: “We take this matter very seriously and have implemented immediate security measures while conducting a comprehensive investigation.”
While the volume of data stolen is relatively small, this incident will have far-reaching consequences because of the substantial role of ICAO across the world.
