San Francisco International Airport Suffers Data Breach: Two Sites Compromised

The San Francisco International Airport is now the latest victim of a data breach. Two of its websites have been compromised.

With the COVID-19 pandemic continuing to be a real threat around the world, the implications on businesses is stark. One of the larger industries hardest hit is the tourism industry. So, when Carnival Corp suffered from a data breach last month, it seemed like pouring salt on the wound at that point.

So, it may come as cold comfort, but Carnival Corp isn’t the only organization to suffer from a data breach while at the same time dealing with the implications of COVID-19. Hackers have apparently broken into two websites controlled by the San Francisco International Airport. Malicious code was then injected into the site for what authorities suspect is for the purpose of stealing credentials. From Bleeping Computers:

According to a notice of data breach sent to all SFO Airport commission employees via an internal memo, the attackers may have gained access to the login credentials of users registered on the two breached sites.

San Francisco International Airport is Bay Area’s largest airport and it currently offers flights throughout North America with non-stop connections to 86 cities in the U.S. on 12 domestic airlines.

“SFOConnect.com and SFOConstruction.com were the targets of a cyberattack in March 2020,” the memo reads.

“The attackers inserted malicious computer code on these websites to steal some users’ login credentials.”

“Users possibly impacted by this attack include those accessing these websites from outside the airport network through Internet Explorer on a Windows-based personal device or a device not maintained by SFO.”

After investigating the incident, SFO discovered that the attackers might have gained access to the affected users’ usernames and passwords.

SFO removed the malicious code injected within the two compromised websites and took them offline after discovering the attack.

The article goes on to say that, in response, account passwords have been reset as a precautionary measure.

With the COVID-19 pandemic, airports all over are already experiencing a major drop in revenue due to loss in passengers flying these days. A lot of that is the result of various countries putting in tight restrictions on air travel in the first place to stop the spread of the virus. So, already, there is an obvious loss in revenue these days. So, having two of its websites hacked is about the last thing they needed right now. Like Carnival Corp, it’s like pouring salt on the wound at this stage.

One thing is for sure, however, just because the global economy has mostly ground to a halt, it seems that black hat hackers are continuing on with business as usual. These days, successful hacks just seems cruel at this point.

Drew Wilson on Twitter: @icecube85 and Facebook.



1 Trackback or Pingback

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: