The United Nations aviation agency has confirmed that hackers accessed thousands of records after breaching its internal recruitment database.
Last weekend, an individual using the alias “Natohub” claimed to have accessed 42,000 documents from the International Civil Aviation Organization (ICAO). The agency announced on Monday that it was investigating the incident and confirmed Natohub's claims in an updated statement sent to TechCrunch on Tuesday.
“ICAO said the reported information security incident involved approximately 42,000 job application data records from April 2016 to July 2024 that were allegedly exposed by a threat actor known as Natohub. I was able to confirm that this was the case.”
ICAO said the compromised data included information such as job applicants' names, email addresses, dates of birth and employment history. “The affected data does not include financial information, passwords, passport details, or documents uploaded by applicants,” the agency added.
ICAO said the breach was “limited” to its recruitment database and it was working to identify and notify affected individuals.