Information of 3,200 People Associated with Airbus; At the Mercy of USDoD

The Europe-based multinational aerospace corporation has launched an investigation against the hacker who claims to have compromised information of 32,000 people.

According to the report submitted by the Cybercrime Intelligence Firm Hudson Rock on Tuesday, Airbus encountered a major hack that led to the alleged data breach of around 3200 people associated with their vendors.

The hacker, known as ‘USDoD’ in the world of computer crimes, claimed earlier this month on a cybercrime forum to have planned this attack on Airbus. The compromised information includes names, addresses, phone numbers, email addresses, and job titles of associated vendors, namely Rockwell Collins and Thales.

Important to mention, this is the same threat actor who previously claimed to breach the FBI’s InfraGard database with information of 80,000 people, which includes high-profile military officials, law enforcers, and government employees, along with mighty business leaders and IT professionals.

As per the hacker’s affirmation, they gained access to Airbus' confidential systems by accessing a compromised account belonging to a Turkish airline employee, later confirmed by the Airbus management. According to the initial findings of Hudson Rock, this access resulted from RedLine malware which was initiated after the employee installed a pirated version of .NET.

“Airbus has launched an investigation into a cyber event during which an IT account associated with an Airbus customer has been attacked. This account was used to download business documents dedicated to this customer from an Airbus web portal.” the Airbus Spokesperson stated in the statement given to SecurityWeek.

“Immediate remedial and follow-up measures were taken by our security teams to prevent our systems from being compromised,” he further added.