ICAO is actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations.
ICAO can now confirm that the reported information security incident involves approximately 42,000 recruitment application data records from April 2016 to July 2024 claimed to be released by the threat actor known as Natohub.
The compromised data includes recruitment-related information that applicants entered into our system, such as names, email addresses, dates of birth, and employment history. The affected data does not include financial information, passwords, passport details, or any documents uploaded by applicants.
We can confirm that this incident is limited to the recruitment database and does not affect any systems related to aviation safety or security operations.
Our investigation and response efforts continue, and we have implemented additional security measures to protect our systems. We are also working to identify and notify affected individuals.
ICAO takes the privacy and security of personal information extremely seriously. We will provide further updates as our investigation progresses.
Media inquiries should be directed to: media.relations@icao.int.
Updated 19:30 UTC -5 on 7 January 2025
