UN Aviation Agency Says ICAO Data Breach Impacted Nearly 12,000 Individuals

Published on January 13, 2025
Written by:
Lore Apostol
Lore Apostol
Cybersecurity & Streaming Writer

The International Civil Aviation Organization (ICAO) has revealed that nearly 12,000 individuals have been affected by a data leak that contained recruitment application information submitted between April 2016 and July 2024.

"After completing a careful review of the data, ICAO can now confirm that 11,929 individuals are affected. ICAO is now reaching out to these individuals," it said in a statement released by the United Nations' specialized aviation agency, cited by Reuters.

The ICAO confirmed the incident last week after a cybercriminal group known as Natohub claimed responsibility for the breach. The threat actor alleged it had 42,000 documents and has since put the compromised data up for sale on the dark web.

The stolen data reportedly contains sensitive information, such as names, email addresses, phone numbers, passport details, employment records, and other personally identifiable information (PII) related to individuals associated with aviation operations. 

Natohub, the cybercriminal group behind the breach, is no stranger to high-profile attacks. The group has previously been linked to cyber incidents targeting the US Department of Defense, the United Nations, and the United States Marine Corps.

The stolen data poses alarming risks, including possible identity theft, social engineering attacks, financial fraud, and the creation of fraudulent accounts or documents. The ICAO is in the process of reaching out to the individuals identified to have been affected.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: