United Nations aviation agency hacked, database plundered

The United Nations' aviation agency has confirmed that hackers have compromised its systems, and accessed thousands of records stored in its internal recruitment database.

The admission came after a hacker called "Natohub" claimed on a underground forum on Monday that they had stolen data and put the information up for sale.

The International Civil Aviation Organization (ICAO), which sets global standards and regulations for aviation safety and security, confirmed in a statement published on its website that approximately 42,000 of its recruitment records dating from April 2016 to July 2024 had indeed been stolen.

The security breach has exposed personal details entered by job applicants into ICAO's systems, including names, email addresses, dates of birth, and employment history.

According to the agency, the breach has not exposed more sensitive information such as financial details, passwords, passport details, or documents uploaded by individuals when applying for jobs.

Furthermore, ICAO emphasised that the hack was limited to its recruitment data, and had not impacted any systems related to aviation safety or security operations.

The hacker, meanwhile, claimed in their post on the BreachForums 2 website that they had also accessed applicants' home addresses, genders, educational backgrounds, and marital statuses.

The aviation agency, which is headquartered in Montreal, says that it is determining who had been impacted by the data breach, and would be notifying affected individuals.

This is not the first time that the UN's aviation agency has suffered at the hands of hackers. In November 2016, hackers linked to China hacked the ICAO, stealing employee data, and spreading malware via a watering hole attack.

Journalists in 2019 claimed that the ICAO had attempted to cover up the hack, fearful that it would show them in a bad light after investigators "found a network full of holes, with security vulnerabilities that should have been flagged years earlier."

There are likely to be suspicions that the latest hack of the ICAO may also be the work of hackers backed by China.

"ICAO takes the privacy and security of personal information extremely seriously. We will provide further updates as our investigation progresses," said a spokesperson for the agency.