Airbus, the European aerospace giant, has launched an investigation after a hacker leaked confidential data online. The data breach affected the company’s commercial aircraft division and exposed sensitive information such as technical specifications, contracts, invoices, and customer lists.
The hacker, who goes by the name of “Aeroboi”, claimed to have accessed the Airbus network through a vulnerability in a third-party software. He posted screenshots of the stolen data on Twitter and offered to sell more data for bitcoins. He also threatened to leak more data if Airbus did not pay him a ransom.
Airbus confirmed that it was aware of the data breach and that it had taken immediate actions to contain the incident and protect its systems. The company said that it was working with relevant authorities and experts to investigate the scope and impact of the breach.
The data breach is the latest in a series of cyberattacks targeting Airbus and its suppliers in recent years. In 2019, Airbus reported that it had suffered a series of intrusions that compromised some of its employees’ personal and professional data. In 2020, two of its suppliers, Expleo and Rolls-Royce, were also hit by cyberattacks that affected their operations.
The aerospace industry is a prime target for hackers who seek to steal valuable intellectual property, disrupt business operations, or extort money. The industry faces various threats from state-sponsored actors, cybercriminals, hacktivists, and insiders.
This data breach is a serious incident that could damage Airbus’s reputation and competitiveness in the global market. The leaked data could expose Airbus’s trade secrets, customer relationships, and business strategies to its rivals or adversaries. Moreover, the data breach could also affect Airbus’s customers, partners, and suppliers who may have shared sensitive information with the company. Airbus should conduct a thorough investigation of the breach, notify all affected parties, and take appropriate measures to prevent future attacks. Airbus should also review its cybersecurity policies and practices, especially regarding its use of third-party software and services. Additionally, Airbus should enhance its security awareness and training among its employees and stakeholders to reduce the risk of human error or negligence.