The United Nations Aviation Agency has confirmed that a hacker has access to thousands of records after compromising its internal recruitment database.
Over the weekend, an individual using the pseudonym “Natohub” claimed to have access to 42,000 documents from the International Civil Aviation Organization (ICAO). The agency said it was investigating the incident on Monday and, in an updated statement sent to TechCrunch on Tuesday, it confirmed Natohub’s claims.
“ICAO can confirm that the reported information security incident involves approximately 42,000 recruitment application data records from April 2016 to July 2024 that are alleged to have been released by the threat actor known as Natohub,” he said.
ICAO said the compromised data includes information including job applicants’ names, email addresses, dates of birth and employment history. “The affected data does not include financial information, passwords, passport details or any documents uploaded by applicants,” the agency added.
ICAO said the breach is “limited” to its recruitment database and that it is working to identify and notify affected individuals.
