Airbus Data Breach from a Partner Airline’s Compromised Account Leaks Confidential Information

Airbus has confirmed a data breach that exposed confidential business information via a partner airline’s compromised account.

Threat intelligence firm Hudson Rock said the threat actor ‘USDoD’ compromised a Turkish Airlines employee account using the Redline info-stealer malware in August 2023. The malware targets saved passwords and session cookies, allowing threat actors to bypass multifactor authentication.

Hudson Rock suggested that the Turkish airline employee infected their computer after downloading a “pirated version of the Microsoft .NET framework.”

The threat actor announced the airplane-themed data breach on the 22nd anniversary of the September 11 terrorist attacks and threatened “Lockheed Martin, Raytheon, and the entire defense” industry.

The hacker who was also responsible for an FBI data leak exposed the stolen data on the English language hacking forum BreachForums shortly after joining the ransomware group ‘Ransomed.’