United Nations Fears Data Breach Leaking Global Aviation Data

• The International Civil Aviation Organization (ICAO), which is an agency of the United Nations, is investigating a possible cybersecurity incident. 
• A ransomware group has been found claiming the ICAO cyber attack on the hacker forum.
• Records in over 42,000 documents susceptible to being exposed due to the alleged ICAO data breach

The International Civil Aviation Organization of the United Nations is looking into an alleged cyber attack impacting records including but not limited to names, date of birth, and employment details saved in its system.

A hacker forum post by a cybercriminal group called ‘Natohub,’ has been circulating in the media claiming the ICAO data breach. While the United Nations International Civil Aviation Organization investigates possible data leaks and sales, the hacker has put the stolen data on sale on the dark web marketplace. 

The stolen data in the 42,000 documents from the potential ICAO data leak contains the following records:

1. First and last name.
2. Date of birth.
3. Gender.
4. Marital Status.
5. Phone number.
6. Full address with zip code.
7. Both primary and secondary email addresses.
8. Education.
9. Employment data.

The screenshot of the post on the hacker read that the threat actor joined the platform in June 2024 last year. They seem to have posted samples of the stolen data belonging to the ICAO as proof of the claim. 

Going by the name Natohub and its targets, it can be ascertained that it is after NATO nations. 

The claimer Natohub was previously linked to a cyber attack on the US Department of Defence, claiming to have stolen records from the United Nations and the United States Marine Corps. 

The stolen data from the alleged ICAO data breach is on sale and may be used for social engineering attacks, duplicating the documents, creating fake accounts using stolen user details, identity theft, false insurance claims, and financial fraud, among others. 

In case of receiving any communication via any channel, it is advised to ask the official website of the service provider to confirm before disclosing any more sensitive information. They must be reported to law enforcement in person or via their portal depending on one’s region or nation. 

The ICAO holds the records of aviation personnel and property belonging to its member nations across the globe. It is essential to be vigilant throughout especially this year, to prevent being scammed by the buyers of the records from the United Nations ICAO cyber attack. A scammer may send emails asking to update the password, bank details, and insurance details among other things, to maliciously access your account and device.