The United Nations aviation agency, based in Montreal, is investigating an information security breach involving the alleged release of recruitment application records spanning from April 2016 to July 2024.
The International Civil Aviation Organization (ICAO) disclosed on Tuesday that 42,000 records were reportedly exposed by a threat actor known as Natohub. However, the agency assured that systems linked to aviation safety and security remain unaffected.
“We can confirm that this incident is limited to the recruitment database and does not affect any systems related to aviation safety or security operations,” ICAO said.
The breach was first highlighted on a data breach-focused website frequented by cybercriminals, where claims of stolen ICAO data emerged. A sample of job applicants’ records was reportedly shared, including names, email addresses, dates of birth, and employment histories.
Crucially, ICAO confirmed that the compromised data does not include financial details, passwords, passport information, or documents uploaded by applicants.
“We are also working to identify and notify affected individuals,” ICAO said.
The agency is actively investigating the incident and has implemented enhanced security measures to safeguard its systems. Efforts are underway to identify and notify affected individuals.
This marks the second known cyber incident for ICAO, which was targeted in a 2016 hack. In response to that breach, the agency implemented significant security upgrades.
ICAO, which has 193 member states, plays a critical role in global aviation, setting standards for operations ranging from runways to seat belts. Established in 1944, the agency’s mandate focuses on ensuring a unified air navigation system worldwide.
The investigation into the current breach underscores the growing challenge of safeguarding sensitive data, even within international organizations.