The International Civil Aviation Organization (ICAO) has officially confirmed a significant data breach affecting approximately 42,000 recruitment records. The breach, initially discovered and announced by the agency earlier this week, was claimed by a threat actor known as “Natohub” on the BreachForums hacking platform.
The compromised data spans from April 2016 to July 2024 and includes:
– Names
– Dates of birth
– Addresses
– Phone numbers
– Email addresses
– Education information
– Employment history
ICAO has assured that no financial information, passwords, passport details, or uploaded documents were compromised in the breach. The agency emphasized that the incident was confined to the recruitment database and does not affect aviation safety or security operations.
The breach has been independently verified, with another threat actor reporting that the leaked archive contains 2GB of files with information linked to 57,240 unique email addresses.
In response, ICAO has:
– Implemented additional security measures
– Initiated an impact assessment
– Begun the process of identifying and notifying affected individuals
This incident adds to a series of cyber attacks targeting UN organizations, including previous breaches at UN networks in Vienna and Geneva (2019), the UN Development Programme (2024), and the UN Environmental Programme (2021), where over 100,000 employee records were exposed.