Aerospace giant Airbus has fallen victim to a data breach, thanks in part to the inattention of a third party.
Israel-based cybercrime intelligence company Hudson Rock published evidence of the breach, later partially confirmed by Airbus.
According to Hudson Rock, a cybercriminal known as "USDoD" posted the personal information of 3,200 Airbus vendors on a hacking forum. Despite USDoD announcing their membership of the "Ransomed" ransomware group, the leak appeared to be a simple data dump.
Unusually for a cyber baddie, USDoD also explained how access had been obtained. In this instance, it was by exploiting employee access from a Turkish airline, according to researchers.
The team were able to use this information to trace the access back to a Turkish computer infected with info-stealing malware in 2023. Researchers then provided evidence that the computer "belongs to an employee of Turkish Airlines and contains third-party login credential details for Airbus."
An attempt to download an unauthorized version of the Microsoft .NET framework was blamed for the infection, which resulted in the installation of info-stealing malware on the victim's computer.
Airbus told The Register that it had launched an investigation, noting that an account associated with an Airbus customer had been attacked, although it did not confirm the identity of the customer. It said: "This account was used to download business documents dedicated to this customer from an Airbus web portal."
It went on: "Immediate remedial and follow-up measures were taken by our security teams to prevent our systems from being compromised."
The company told us that its position as "a major high tech and industrial player" made it a target for attack.
Support the originator by clicking the read the rest link below.
