Airbus Data Breach Exposes 3,200 Vendors’ Personal Details
European commercial aircraft manufacturer Airbus confirmed a data breach incident that exposed sensitive information of its suppliers. The breach is said to have occurred with the help of an info-stealing malware that was deployed using pirated software.
The incident first came to light when Israel-based cybercrime intelligence firm, Hudson Rock revealed that a threat actor nicknamed ‘’USDoD’’ had published the stolen data to the BreachForums website.
The group, which claims to have recently joined the notorious ransomware group ‘’Ransomed,” posted that the Airbus published vendor data included prominent names like Rockwell Collins and Thales Group. It included details like the names, email IDs, addresses, and phone numbers of around 3,200 Airbus vendors.
The threat actors allegedly claimed to have infiltrated Airbus’ network via a compromised account of a Turkish Airline employee. The initial victim’s system is said to contain third-party login credentials for Airbus.
‘’The victim likely attempted to download a pirated version of the Microsoft .NET framework, as indicated in the malware path. [..] fell victim to a threat actor utilizing the commonly employed RedLine info-stealing family,’’ Hudson Rock revealed.
It further went on to say that ‘’credentials obtained from info-stealer infections, which have become the primary initial attack vector in recent years, provide threat actors with easy entry points into companies, facilitating data breaches and ransomware attacks.’’
Airbus on the other hand after receiving Hudson Rock’s notification immediately launched an investigation into the incident. It also deployed remedial measures to prevent any further damage to its security system.
The hacker ‘‘USDoD’’ is said to be associated with the December 2022 data breach and sale of FBI’s information sharing system, ‘’InfraGard,’’ a database containing details of nearly 80,000 government, business, and military individuals. Moreover, it has also claimed that its potential future targets include defense contractors like Lockheed Martin and Raytheon.
