The International Civil Aviation Organization (ICAO), a United Nations agency, has confirmed that its recruitment database was breached, resulting in the theft of approximately 42,000 records.
The announcement follows claims by a threat actor using the handle ‘Natohub,’ who leaked the stolen data on the BreachForums hacking forum earlier this week.
According to Natohub, the archive includes sensitive details such as names, dates of birth, addresses, phone numbers, email addresses, and applicants’ education and employment histories. A second threat actor claimed the leak contains 2GB of data, encompassing 57,240 unique email addresses.
“ICAO can now confirm that the reported information security incident involves approximately 42,000 recruitment application data records from April 2016 to July 2024 claimed to be released by the threat actor known as Natohub,” said ICAO in the updated statement.
“The compromised data includes recruitment-related information that applicants entered into our system, such as names, email addresses, dates of birth, and employment history. The affected data does not include financial information, passwords, passport details, or any documents uploaded by applicants. We can confirm that this incident is limited to the recruitment database and does not affect any systems related to aviation safety or security operations.”
The agency clarified that the exposed data does not include financial details, passwords, passport information, or any documents uploaded by applicants. Additionally, ICAO said that the incident is isolated to the recruitment database and does not impact aviation safety or security systems.
The agency said that it has implemented enhanced security measures to prevent future breaches and is conducting a comprehensive assessment of the incident's impact. Efforts are underway to identify and notify affected individuals.