European aerospace corporation Airbus is the latest victim of a security breach. The aircraft manufacturer said it discovered a cyber incident on its commercial aircraft business information systems, which resulted in unauthorized access to its employees’ personal data. Airbus designs, manufactures, and sells thousands of civil and military aerospace products globally.
The company stated the majority of the accessed information was professional contacts and IT identification details related to Airbus employees in Europe. However, Airbus clarified that there was no impact on its commercial operations and also stated the incident was being investigated by its security professionals.
“This incident is being thoroughly investigated by Airbus’ experts who have taken immediate and appropriate actions to reinforce existing security measures and to mitigate its potential impact, as well as determining its origins. Investigations are ongoing to understand if any specific data was targeted, however, we do know some personal data was accessed. This is mostly professional contact and IT identification details of some Airbus employees in Europe,” Airbus said in a statement.
Airbus notified the data regulatory authorities about the data breach in accordance with the GDPR (General Data Protection Regulation). It also suggested its employees take the necessary precautions to prevent further loss.
In a recent similar incident, the Amadeus online ticket booking system exposed passengers’ private data due to a security flaw, allowing potential attackers to view and change information. According to the security researcher Noam Rotem at Safety Detective research labs, the security flaw could let anyone manipulate someone’s ticket reservation for any airline which has used the Amadeus reservation system.
Also, a software glitch possibly exposed personal information of 285 members who used the Singapore Airlines (SIA) services. The Singapore flag carrier stated that a bug in its website caused a data leakage of KrisFlyer, a regular flyer program of Singapore Airlines. The bug exposed KrisFlyer customers’ personal information, including the member’s full name, email address, membership tier, account number, the accumulated miles/rewards, travel history, passport, and flight information.