The United Nations Aviation Agency has confirmed that a hacker accessed thousands of records after its internal recruitment database was compromised.
Over the weekend, a man using the alias “Natohub” claimed to have accessed 42,000 documents from the International Civil Aviation Organization (ICAO). The agency said it was investigating the incident on Monday And, in an updated statement sent to TechCrunch on Tuesday, it confirmed Natohub’s claims
“ICAO can confirm that the reported data security incident involved approximately 42,000 recruitment application data records from April 2016 to July 2024 that are claimed to have been exposed by a threat actor known as Natohub,” it said.
The ICAO said the compromised data included information including job applicants’ names, email addresses, dates of birth and employment history. “The affected data does not include financial information, passwords, passport details or any documents uploaded by applicants,” the agency added.
ICAO said the breach was “confined” to the recruitment database and it was working to identify and notify those affected.