UN civil aviation agency breach toll confirmed, Arab aviation org compromised

Security Affairs reports that the United Nations' International Civil Aviation Organization has confirmed that data from 11,929 individuals were compromised a month after threat actor natohub claimed to exfiltrate 42,000 application records from its recruitment database between April 2016 and July 2024.

Information exposed by the incident included names, birthdates, email addresses, and employment history, said ICAO in an updated statement that emphasized the delivery of breach notices to impacted individuals. Such a development comes as the Arab Civil Aviation Organization was reported by Resecurity to have had its staff and members' records and credentials stolen following an attack that involved the exploitation of an SQL injection vulnerability in its web app. Included in the exfiltrated ACAO data leaked on the dark web earlier this week were logins, password hashes, emails, and communications referencing the Qatar Aircraft Accident and Incident Investigation Unit, Iran Civil Aviation Authority, Aviation Investigation Bureau of the Kingdom of Saudi Arabia, Jordan Civil Aviation Regulatory Commission, and Aviation Accident Investigation Division members, according to Resecurity.