Incident Of The Week: Airbus Reports Employee Data Hack
Compromised data includes professional contact details, including IT department contacts
Airbus can now count itself among the companies that experienced data hacks in 2019. The news of this data hack broke on Jan. 30 and quickly captured headlines. Here's a rundown of publicly known specifics about the incident so far.
One of the positive aspects of this data hack is that Airbus reported the incident did not impact its commercial activities. However, the company revealed the hack was related to the brand's commercial aircraft information systems.
Understandably, many people wondered what kind of information the hackers got. According to a press release from the company, the incident compromised some personal data, mostly related to Airbus employees in the European Union. The company gave further, although brief, details about the kind of information taken and said it primarily was professional contact details, including IT department contacts.
However, Airbus is still examining the matter to get more in-depth details about the breached information.
Limited Official Details
Individuals who like to know as much as possible about any data hack as soon as it happens are out of luck in this case. The statement from Airbus is disappointingly scarce on details, and that's likely because an investigation is underway. The company has not disclosed who carried out the attack and why. But, Airbus contacted regulatory authorities as required by the General Data Protection Regulation (GDPR).
See Related: “EU Regulations Are Clamping Down On US Big Tech”
The GDPR, which came into effect in 2018, requires affected parties to report data hack incidents no later than 72 hours after a data controller becomes aware of them. The press statement from Airbus also mentions that the company's employees got advice to take "all necessary precautions" to prevent future events like this.
Another section of the press release discusses how the people looking into the matter at Airbus took immediate actions to improve existing security measures, find the source of the issue and mitigate the damage caused. However, it does not detail the specific actions investigators took to respond to the problem.
An Espionage Link Proposed
One of the difficulties with the lack of details from Airbus is that the unknown factor makes people speculate about why hackers targeted Airbus and what they hoped to find. Despite not having evidence to support the idea, at least one source wonders if this could be an industrial espionage case. If so, perhaps the hackers wanted information to target particular individuals possessing information valuable to other countries.
To reiterate, though, nothing from Airbus suggests such intentions behind the data hack. The opinion only sprung up as people thought about why the issue occurred.
Large Companies Are Not Immune
Even though people don't know much about what happened yet, this event serves as a reminder that even the best-known companies in the world cannot assume safety from hacks. And, indeed, those entities may be more appealing than smaller ones, depending on hackers' goals.
And, the fact that Airbus specializes in aircraft may be enough to raise fears, too. In 2018, documents showed U.S. government researchers believe it's only a matter of time before hacks of commercial airplanes happen. The information pointed out that if they do, the aftermath could tarnish public perceptions of aircraft safety, disrupt passenger and military-related flights and possibly cause a competitive disadvantage by affecting only one airline.
Even though this hack didn't cause such problems, Airbus representatives must recognize the dangers of any hack and take thorough measures to stop future attacks.
No Indication of Further Updates
Airbus did not confirm if or when it would give more news about the extent of the incident. If the data hack only affected employees, it's possible that further information might solely get spread internally. Even so, it's still worthwhile for people to keep checking for new material in case the company publicizes it.