Data Breach

Threat actor leaks sensitive data belonging to Airbus

The multinational aerospace corporation Airbus has launched an investigation into the recent leak of information allegedly stolen from the company.

The multinational aerospace corporation Airbus announced that it is investigating a data leak after cybersecurity firm Hudson Rock reported that a hacker posted information on thousands of the company’s vendors to the dark web.

A threat actor who goes by the moniker “USDoD” announced he had gained access to an Airbus web portal by compromising the account of a Turkish airline employee.

The hacker claimed to have details on thousands of Airbus vendors. The threat actors obtained the personal information of 3,200 individuals associated with Airbus vendors, exposed data include names, job titles, addresses, email addresses, and phone numbers. 

In December 2022, the FBI’s InfraGard US Critical Infrastructure Intelligence portal was hacked and a database containing the contact details of more than 80,000 high-profile private sector individuals was offered for sale by USDoD on the Breached cybercrime forum.

After the law enforcement shutdown of “Breached” forum, its members, including “USDoD,” moved to other platforms such as “BreachForums.”

“USDoD” posted two threads on this new forum, one to announce they have joined the notorious ransomware group Ransomed. In the second threat, the hacker exposed the personal information of 3,200 sensitive Airbus vendors. USDoD also warned that Lockheed Martin and Raytheon might be the next targets.

“Threat actors typically refrain from revealing their intrusion techniques, however in this exceptionally rare leak, “USDoD” revealed they gained access to Airbus’s data by exploiting “employee access from a Turkish Airline”.reported Hudson Rock. “Using this information, Hudson Rock researchers succeeded to trace the mentioned employee access — a Turkish computer infected with an info-stealing malware in August 2023.”

According to the researchers, the computer of the victim was likely infected with the RedLine stealer after he attempted to download a pirated version of the Microsoft .NET framework.

Airbus’s CERT team confirmed the analysis published by Hudson Rock.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data leak)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild

Attackers are exploiting the critical Adobe ColdFusion flaw CVE-2026-48282, which allows remote code execution on…

8 hours ago

Hidden Web Prompts Trick AI Agents Into Sending Money

Hidden prompts on malicious websites trick AI agents into making payments or trusting fake sites,…

15 hours ago

Seven Bugs in FatFs Put IoT and Embedded Devices at Risk

runZero found 7 flaws in FatFs, a filesystem used in IoT and embedded devices. Bugs…

18 hours ago

Bad Epoll Flaw Gives Attackers Root Access on Linux and Android

Bad Epoll (CVE-2026-46242) lets local attackers gain root on Linux and Android. The flaw was…

20 hours ago

Medtronic Notifies 3.8 Million After ShinyHunters Data Breach

Medtronic says a ShinyHunters attack exposed the personal and medical data of over 3.8 million…

1 day ago

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104

Security Affairs Malware newsletter includes a collection of the best articles and research on malware…

1 day ago

This website uses cookies.