{ "id": "0e5144d5-a489-4b65-868b-62a4abcc20e1", "created_at": "2026-04-06T00:14:03.796027Z", "updated_at": "2026-04-10T03:28:09.056428Z", "deleted_at": null, "sha1_hash": "af7dc41055a2559fc4ee62fa4d8c19b59e16cfb5", "title": "Airbus investigates data leak allegedly involving thousands of suppliers", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 32271, "plain_text": "Airbus investigates data leak allegedly involving thousands of\r\nsuppliers\r\nBy Daryna Antoniuk\r\nPublished: 2023-09-12 · Archived: 2026-04-05 13:03:45 UTC\r\nThe European aerospace giant Airbus said on Tuesday that it is investigating a cybersecurity incident following\r\nreports that a hacker posted information on 3,200 of the company’s vendors to the dark web.\r\nA threat actor using the moniker \"USDoD\" posted Monday on BreachForums that they obtained access to an\r\nAirbus web portal after compromising the account of a Turkish airline employee. The hacker claimed to have\r\ndetails on thousands of Airbus vendors, including names, addresses, phone numbers and emails, according to a\r\nreport from Hudson Rock.\r\nAirbus spokesperson Philippe Gmerek confirmed to Recorded Future News that hackers breached an “IT account\r\nassociated with an Airbus customer” and that the company was investigating the incident. This account was used\r\nto download business documents dedicated to this customer from an Airbus web portal, the company said.\r\n“Immediate remedial and follow-up measures were taken by our security teams to prevent our systems from being\r\ncompromised,” Gmerek told Recorded Future News in an email.\r\nAccording to the Hudson Rock, the threat actor — who appears to be linked to a December 2022 breach of the\r\nFBI’s InfraGard system — posted the leaked information publicly without making any demands. Few details are\r\nknown about the threat actor or their motivations, but they have said they are a member of the relatively new\r\nransomware group known as “Ransomed.”\r\nAerospace companies are regularly targeted by hackers for the sensitive data and technology they hold. Last week,\r\nthe FBI, U.S. Cyber Command and the Cybersecurity and Infrastructure Security Agency warned that multiple\r\nnation-state hackers exploited two vulnerabilities to target an unnamed aerospace company this year.\r\nIn 2019, Airbus experienced a series of cyberattacks directed at its suppliers from hackers who were after\r\ncommercial secrets. China was the main suspect at that time, although the country repeatedly denied involvement\r\nin hacking.\r\nGet more insights with the\r\nRecorded Future\r\nIntelligence Cloud.\r\nLearn more.\r\nhttps://therecord.media/airbus-data-leak-suppliers-breachedforums\r\nPage 1 of 2\n\nSource: https://therecord.media/airbus-data-leak-suppliers-breachedforums\r\nhttps://therecord.media/airbus-data-leak-suppliers-breachedforums\r\nPage 2 of 2", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA" ], "references": [ "https://therecord.media/airbus-data-leak-suppliers-breachedforums" ], "report_names": [ "airbus-data-leak-suppliers-breachedforums" ], "threat_actors": [ { "id": "80edca9f-dcd6-491e-92f3-87ad1f575631", "created_at": "2023-10-14T02:03:14.694988Z", "updated_at": "2026-04-10T02:00:05.021046Z", "deleted_at": null, "main_name": "NetSec", "aliases": [ "NetSec", "Operation Data Breach", "ScarFace_TheOne", "USDoD" ], "source_name": "ETDA:NetSec", "tools": [], "source_id": "ETDA", "reports": null }, { "id": "82a51997-1402-41c3-86df-6f9e522b2ba8", "created_at": "2024-04-27T02:00:03.554045Z", "updated_at": "2026-04-10T02:00:03.63698Z", "deleted_at": null, "main_name": "USDoD", "aliases": [], "source_name": "MISPGALAXY:USDoD", "tools": [], "source_id": "MISPGALAXY", "reports": null } ], "ts_created_at": 1775434443, "ts_updated_at": 1775791689, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/af7dc41055a2559fc4ee62fa4d8c19b59e16cfb5.pdf", "text": "https://archive.orkl.eu/af7dc41055a2559fc4ee62fa4d8c19b59e16cfb5.txt", "img": "https://archive.orkl.eu/af7dc41055a2559fc4ee62fa4d8c19b59e16cfb5.jpg" } }