Airbus suffers security breach with personal information stolen

The extent of the damage is currently unknown but the aircraft manufacturer confirmed that personal data was accessed

Airbus Headquarters

International aerospace juggernaut Airbus that it suffered a security breach which affected its commercial aircraft business.

The breach "resulted in unauthorised access of data", according to Airbus, which included some personal information that was mostly [contained to] professional contact and IT identification details of some Airbus employees in Europe.

"No customer data was subject to unauthorised access," said an Airbus spokesperson.

It's unclear whether the attack was targeted at specific data or whether it was an opportunistic attack, but the manufacturer of the popular A380 aircraft said the "incident is being thoroughly investigated by Airbus" experts who have taken immediate and appropriate actions to reinforce existing security measures and to mitigate its potential impact, as well as determining its origins.

Due to data belonging to EU citizens was at risk, the GDPR requires companies that suffer data breaches to notify relevant authorities as soon as practicable, something that Airbus has done already. "Employees are being advised to take all necessary precautions going forward," said Airbus.

"Airbus continuously monitors activities on its systems, has detection mechanisms in place and constantly shares information with partners and the cybersecurity community, said an Airbus spokesperson. "The incident was detected on 6th January 2019. All of the relevant authorities were informed, including the lead data protection authority for Airbus, the CNIL in France." 

"The unauthorized access to employee data and IT identification points to possible identity theft either to impersonate Airbus employees or to abuse employees credentials to gain further access to sensitive systems, which are now common hacking techniques used by cybercriminals and nation-state actors, said Joseph Carson, chief security scientist at Thyotic".

Airbus becomes the third firm in the space of a year in their line industry to suffer from a cyber attack.

March 2018 saw Boeing fall victim to the WannaCry ransomware which impacted its production operations.

And how could we forget the double whammy of British Airways attacks in 2018, the first of which was only uncovered through an investigation of the attack it sustained in September.

The attacks combined to expose and facilitate the theft of hundreds of thousands of customer financial and personal details.

Featured Resources

Choosing a collaboration platform

Eight questions every IT leader should ask

Download now

Performance benchmark: PostgreSQL/ MongoDB

Helping developers choose a database

Download now

Customer service vs. customer experience

Three-step guide to modern customer experience

Download now

Taking a proactive approach to cyber security

A complete guide to penetration testing

Download now

Recommended

A guide to cyber security certification and training
Careers & training

A guide to cyber security certification and training

22 Apr 2021
What is hacktivism?
hacking

What is hacktivism?

22 Apr 2021
Geico data breach leads to stolen driver’s license numbers
data breaches

Geico data breach leads to stolen driver’s license numbers

21 Apr 2021
UK’s IoT security regulation will also include smartphones
Internet of Things (IoT)

UK’s IoT security regulation will also include smartphones

21 Apr 2021

Most Popular

REvil threatens to release Apple’s hardware schematics
ransomware

REvil threatens to release Apple’s hardware schematics

21 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Samsung Galaxy S21 Ultra review: Ultra in every sense of the word
Mobile Phones

Samsung Galaxy S21 Ultra review: Ultra in every sense of the word

22 Apr 2021