French aviation giant Airbus announced recently that it is investigating a data security incident that involved unauthorised parties accessing personal data and IT identification details of an undisclosed number of its employees in Europe.
While the company is yet to disclose how many employees were affected by the breach, it said that the incident involved unauthorised parties gaining access to information systems for its commercial aircraft business. However, the cyber attack did not disrupt or affect the company's airline operations.
Airbus couldn't prevent the loss of employee data
"Airbus SE detected a cyber incident on Airbus “Commercial Aircraft business” information systems, which resulted in unauthorised access to data. There is no impact on Airbus’ commercial operations.
"This incident is being thoroughly investigated by Airbus’ experts who have taken immediate and appropriate actions to reinforce existing security measures and to mitigate its potential impact, as well as determining its origins.
"Investigations are ongoing to understand if any specific data was targeted, however we do know some personal data was accessed. This is mostly professional contact and IT identification details of some Airbus employees in Europe.
"The company is in contact with the relevant regulatory authorities and the data protection authorities pursuant to the GDPR (General Data Protection Regulation). Airbus employees are being advised to take all necessary precautions going forward," Airbus said in a press release.
CNIL, the French data protection watchdog, was informed about the said data security incident by Airbus on 11th January, a day after the aviation giant discovered that unauthorised entities had gained access to personal data of its employees after initially breaching its systems on 6th January.
Hackers targeted Boeing too
In March last year, Boeing, the world's leading airplane manufacturer and Airbus' toughest competitor, announced that it had suffered a WannaCry ransomware attack that affected a "small number of systems" but did not impact its commercial operations.
"Our cybersecurity operations center detected a limited intrusion of malware that affected a small number of systems. It took some time for us to go to our South Carolina operations, bring in our entire IT team and make sure we had the facts.
"The vulnerability was limited to a few machines. We deployed software patches. There was no interruption to the 777 jet program or any of our programs," said Linda Mills, the head of communications for Boeing Commercial Airplanes.