(Paris) Airbus was the victim of a data leak after a hacker recovered the contacts of 3,200 suppliers of the European aeronautics giant after infecting the computer of an airline employee, he said. -we learned on Friday from consistent sources.
This attack, known as “bounce”, allowed the hacker who acts under the nickname “USDoD” to recover the names, addresses, email addresses and telephone numbers of employees of companies like Thales or Rockwell Collins, revealed the cybersecurity company Hudson Rock.
“Airbus has launched an investigation into a cyber event in which an IT account associated with an Airbus customer was attacked. This account was used to download commercial documents dedicated to this customer from an Airbus web portal,” the European giant confirmed.
“Our security teams immediately took corrective and follow-up action to prevent our systems from being compromised,” he added in a statement.
On August 21, the hacker managed to infect the computer of a Turkish Airlines employee in order to obtain his credentials allowing him to connect to a dedicated Airbus portal where the contact data of 3,200 suppliers is accessible , details Hudson Rock.
“Information stealer infections have jumped an incredible 6,000% since 2018, making them the leading initial attack vector used to infiltrate organizations and execute cyberattacks, including ransomware, data theft , account takeovers, and corporate espionage,” the cybersecurity company notes.
This data theft is on a much smaller scale than that which hit Airbus in 2019 when a series of attacks via several subcontractors aimed to recover technical aeronautical certification documents in particular. These industrial espionage operations were then suspected of being piloted from China.
“As a major player in high technology and industry, Airbus is a target for malicious actors,” recalls the manufacturer, which assures that it “permanently monitors activities on its IT systems, has monitoring tools robust protection, qualified cyber experts and associated processes to protect the enterprise.
