(Paris) Airbus was the victim of a data leak after a hacker recovered the contacts of 3,200 suppliers of the European aeronautics giant after infecting the computer of an airline employee, he said. -we learned on Friday from consistent sources.
This attack, known as “bounce”, allowed the hacker who acts under the nickname “USDoD” to recover the names, addresses, email addresses and telephone numbers of employees of companies like Thales or Rockwell Collins, revealed the cybersecurity company Hudson Rock.
“Airbus has closed the investigation into a cyber event during which an IT account associated with an Airbus customer was attacked. This account was used to download the professional contact details of certain Airbus suppliers, which we informed accordingly,” the European giant said.
Airbus initially indicated that the downloaded data were “commercial documents”.
“Our security teams immediately took corrective and follow-up measures to limit the impact and prevent our systems from being compromised,” he said in a statement sent to AFP.
On August 21, the hacker managed to infect the computer of a Turkish Airlines employee in order to obtain his credentials allowing him to connect to a dedicated Airbus portal where the contact data of 3,200 suppliers are accessible. , details Hudson Rock.
“Information stealer infections have jumped an incredible 6,000% since 2018, making them the primary initial attack vector used to infiltrate organizations and execute cyberattacks, including ransomware, data theft , account takeovers and corporate espionage,” notes the cybersecurity company.
This data theft is on a much smaller scale than that which hit Airbus in 2019 when a series of attacks via several subcontractors aimed to recover technical aeronautical certification documents in particular. These industrial espionage operations were then suspected of being piloted from China.
“As a major player in high technology and industry, Airbus is a target for malicious actors,” recalls the manufacturer, which assures that it “permanently monitors activities on its IT systems, has tools robust protection systems, qualified cyber experts and associated processes to protect the enterprise.