The International Civil Aviation Organization (ICAO) on Tuesday said that it is “actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations,” and has initially concluded that “approximately 42,000 recruitment application data records from April 2016 to July 2024” were stolen.
In its initial statement, the ICAO said, “We can confirm that this incident is limited to the recruitment database and does not affect any systems related to aviation safety or security operations.”
On Wednesday, ICAO officials elaborated on that statement during an email exchange between CSO Online and ICAO communications officer William Raillant-Clark, who said, “ICAO began its probe as soon as the claims were brought to our attention” on January 5, 2025.
