GCHQ revealed in a report in July 2019 that a phishing scam targeting hundreds of thousands of airline customers was prevented in August 2018 by the UK intelligence services as part of the National Cyber Security Centre’s Active Cyber Defence programme. The scammer used a fake gov.co.uk id and tried to defraud people but it didn’t reach the intended recipients.
UK is hardly alone as the Israel ports Authority blocks more than three million cyberattack attempts on a daily basis, as reported by the Times of Israel.
Here are five other examples of attacks and data breaches affecting airports and airlines.
Heathrow Airport: fined for failing to protect data
Heathrow Airport was fined £120,000 by the Information Commissioner’s Office (ICO) for failing to secure sensitive data after an employee lost a memory stick that contained confidential information. It was found by a member of the public who viewed its contents in a library in West London.
The memory stick which contained information such as the Queen’s travel routes, a training video that exposed the names, dates of birth and passport numbers of ten people and personal data of up to 50 Heathrow aviation security personnel was not password protected and the data was not encrypted. The ICO discovered just 2% of the 6,500 workers at Heathrow were trained in data protection and urged the airport to improve education on the subject.
Atlanta Airport: ransomware attack forces wifi shutdown
Hartsfield-Jackson Atlanta International Airport, shut off its internal Wi-Fi network as a security measure in March last year, as the city of Atlanta’s government network underwent a ransomware attack, reported the Wall Street Journal.
Reportedly, files were encrypted and held at ransom in multiple official computers by an attacker known as SamSam. The Atlanta airport switched off the Wi-Fi service to avoid any malicious ransomware spreading to airport authority computers, airline computers, and possibly customers’ computers. While the Wi-Fi network was affected, no flight disruptions were caused.
British Airways: data breach putting thousands’ data at risk
A sophisticated breach between Tuesday August 21 to Wednesday September 5 2018 saw 380,000 passengers’ personal and financial details being stolen by hackers which included names, credit card details such as card numbers, expiry dates and three-digit CVV codes and email addresses.
A post on the BA website said people should contact their banks if they think they were affected by the attack.
Cathay Pacific: personal data of millions leaked
Data of nearly 9.4 million people was at unprecedented risk after their personal information was accessed in a security breach witnessed by the airline. The Hong Kong airline said a wide range of data including passport numbers, identity card numbers, travel history, email addresses and expired credit card details were among the data leaked.
Chief executive Rupert Hogg said no information was misused and an investigation was in place to find who was behind the cyber attack. He also assured that the attack was controlled and that IT security measures would be strengthened after this event.
Air Canada: private information on the app stolen
The airline warned customers who had entered personal details into the Air Canada app that their data may have been breached. The company said it noticed an unusual log in which was trying to steal personal data of customers forcing it to instantly lock all of its 1.7 million accounts.
Despite the lockdown data from 20,000 people was still reportedly stolen. The basic information that was at risk included names, email addresses, phone numbers and additionally if customers had entered their passport details then those could have been copied as well.