International Civil Aviation Organization Confirms Data Breach

The International Civil Aviation Organization (ICAO), a specialized agency of the United Nations responsible for setting global aviation standards, has confirmed a data breach involving the exposure of over 42,000 recruitment application records. The breach, attributed to a threat actor known as “Natohub,” was first reported on BreachForums, where the stolen data was advertised.

In an official statement published yesterday, ICAO disclosed that the compromised data pertains to recruitment applications submitted between April 2016 and July 2024. The stolen information includes:

• Full names
• Dates of birth
• Email addresses
• Employment history

ICAO clarified that no financial information, passwords, passport details, or documents uploaded by applicants were included in the breach. The organization assured that the incident is confined to its recruitment database and does not impact systems related to aviation safety or security operations.

“Our investigation and response efforts continue, and we have implemented additional security measures to protect our systems. We are also working to identify and notify affected individuals.” – ICAO

The breach was announced by the hacker “Natohub” on the BreachForums platform on January 5, 2025. The post highlighted the scale of the leak, claiming it involved data from 42,000 documents and showcasing samples of recruitment application forms to validate the authenticity of the breach. This hacker has a reputation for targeting international organizations, raising concerns about their motivations and whether this attack is linked to broader espionage or extortion efforts.

On BreachForums, though, the stolen data was offered to registered members for just four credits, which corresponds to a small amount in cryptocurrency. One buyer noted that the set, which comprises 2GB of data, contains 57,240 unique emails, including 1,661 ‘gov' addresses.

ICAO plays a critical role in the global aviation sector, overseeing the establishment of international standards for flight safety, security, efficiency, and environmental protection. Based in Montreal, Canada, the organization collaborates with 193 member states and industry stakeholders to develop regulations that ensure the safety and coordination of international air travel.

Given its pivotal role, any cyberattack against ICAO raises concerns about potential secondary risks to aviation systems. While ICAO has confirmed that this breach does not impact operational systems, the compromise of sensitive recruitment data revealed security vulnerabilities within its infrastructure.