UN's aviation agency confirms attack on recruitment database

The International Civil Aviation Organization (ICAO), the United Nations' aviation agency, has confirmed to The Register that a cyber crim did indeed steal 42,000 records from its recruitment database.

Yesterday, we reported claims from an atacker that they had illegally accessed tens of thousands of documents. In response to our questions, the agency confirmed the haul pertained to particulars collected between April 2016 and July last year.

"The compromised data includes recruitment-related information that applicants entered into our system, such as names, email addresses, dates of birth, and employment history," said an ICAO spokesperson. 

Notably, the organization's statement omits any mention of data points such as home addresses, marital statuses, genders, and educational backgrounds, which were all allegedly included, per the leaker's claims.

"The affected data does not include financial information, passwords, passport details, or any documents uploaded by applicants," the spokesperson added.

The ICAO went on to say that the theft took place on its recruitment system and that no other systems were accessed or affected, including those responsible for aviation safety or security operations.

Additional security measures were implemented in the immediate aftermath of the break-in and the ICAO is currently working to identify the individuals affected before sending direct breach notifications.

"ICAO takes the privacy and security of personal information extremely seriously. We will provide further updates as our investigation progresses," the spokesperson added.

Headquartered in Montreal, the ICAO is a part of the UN which manages and regulates global air navigation systems, ensuring the 193 countries it oversees collaborate effectively on aviation matters.

It facilitates the communication between states during the decision-making process for new and amended flight routes, for example.

• Turbulence at UN aviation agency as probe into potential data theft begins
• US airspace closures, lack of answers deepen East Coast drone mystery
• Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday'
• Happy birthday, Putin – you've been pwned

The agency - as we know it now - was formed in 1947 but was preceded by the International Commission for Air Navigation (ICAN), which first assembled in 1903 and was formally established in the 1919 Paris Convention.

ICAN was responsible for developing the first radio callsigns used by aircraft in 1912. It was replaced by the temporary Provisional International Civil Aviation Organization (PICAO) in 1945, ushered in as part of the Convention on International Civil Aviation with a view to being replaced by a permanent body, the ICAO, after the convention was ratified by member countries.

Now, it has broad diplomatic responsibilities that span matters related to flight paths and accident investigations. It also oversees aviation efficiency systems and environmental protection measures, as well as implementing technical standards across all facets of the aviation industry. ®