A claim to hold detailed information from an Airbus vendor database has been made by a hacker known as USDoD, who is now offering it for sale on a popular clear web hacking forum.
The hacker, under the moniker USDoD, made the announcement on the forum and has posted a small sample of the dataset as proof. This sample includes the personal and professional details of high-ranking executives from companies like Thales Avionics, Aerolux, and employees of Bournemouth International Airport. The information revealed includes names, addresses, full contact details, titles, and coverage areas such as Asia-Pacific or Europe, the Middle East and Africa.
According to the hacker, access to Airbus’ systems was obtained using the credentials of an employee from a Turkish airline. The forum post by USDoD claims, “This month I got access to airbus site using a emploey acces from some turkish airline and this got me inside of alot of stuff plus their vendors data.”
The data is currently being sold on the forum for a few euros, and the hacker has threatened to target other companies as well. USDoD stated, “Lockheed martin, Raytheon and the entire defense contractos I’m coming for you bitchs.”
Alon Gal, a security researcher at Israeli cyber security company Hudson Rock, confirmed the extent of the dataset, stating that it contains 3,200 sets of records. Gal also believes he has identified the employee whose credentials were used in the hack, as they were recorded on Hudson Rock’s database as a victim of a recent info-stealing campaign.
In addition to the Airbus vendor database breach, USDoD also claimed to have joined a ransomware group called Ransomed, which began operating in August 2023. This raises concerns about the potential for future cyber attacks and data breaches.
Upon learning of this breach, Airbus has been contacted for comment, and their response has yet to be received.
This incident serves as a reminder of the constant threat of cyber attacks and the potential vulnerability of sensitive data. It also highlights the importance of robust security measures and constant vigilance in the face of evolving cyber threats. The unauthorized access and sale of this data could have serious repercussions for the affected individuals and companies, and it underscores the need for heightened cybersecurity measures to prevent such breaches in the future.