September 29, 2023

The European aerospace large Airbus stated on Tuesday that it’s investigating a cybersecurity incident following reviews {that a} hacker posted info on 3,200 of the corporate’s distributors to the darkish net.

A risk actor utilizing the moniker “USDoD” posted Monday on BreachForums that they obtained entry to an Airbus net portal after compromising the account of a Turkish airline worker. The hacker claimed to have particulars on hundreds of Airbus distributors, together with names, addresses, telephone numbers and emails, in line with a report from Hudson Rock.

Airbus spokesperson Philippe Gmerek confirmed to Recorded Future Information that hackers breached an “IT account related to an Airbus buyer” and that the corporate was investigating the incident. This account was used to obtain enterprise paperwork devoted to this buyer from an Airbus net portal, the corporate stated.

“Speedy remedial and follow-up measures had been taken by our safety groups to forestall our programs from being compromised,” Gmerek informed Recorded Future Information in an electronic mail.

In accordance with the Hudson Rock, the risk actor — who seems to be linked to a December 2022 breach of the FBI’s InfraGard system — posted the leaked info publicly with out making any calls for. Few particulars are recognized concerning the risk actor or their motivations, however they’ve stated they’re a member of the comparatively new ransomware group often called “Ransomed.”

Aerospace corporations are repeatedly focused by hackers for the delicate information and know-how they maintain. Final week, the FBI, U.S. Cyber Command and the Cybersecurity and Infrastructure Safety Company warned that a number of nation-state hackers exploited two vulnerabilities to focus on an unnamed aerospace firm this 12 months.

In 2019, Airbus skilled a sequence of cyberattacks directed at its suppliers from hackers who had been after business secrets and techniques. China was the principle suspect at the moment, though the nation repeatedly denied involvement in hacking.

Get extra insights with the

Recorded Future

Intelligence Cloud.

Study extra.

Daryna Antoniuk

Daryna Antoniuk
is a contract reporter for Recorded Future Information based mostly in Ukraine. She writes about cybersecurity startups, cyberattacks in Japanese Europe and the state of the cyberwar between Ukraine and Russia. She beforehand was a tech reporter for Forbes Ukraine. Her work has additionally been revealed at Sifted, The Kyiv Unbiased and The Kyiv Put up.