San Francisco International Airport (SFO) has disclosed a data breach into two if its subsidiary sites – SFOConnect.com and SFOConstruction.com. According to the airport’s internal notice to employees, these two sites were targeted by hackers in March, by injecting malicious code and stealing user credentials as usernames and passwords entered into them. The airport had removed the code now and is bringing up those two sites. Further, it advised users to change their passwords as a precaution.

Two sites from the biggest airport

The San Francisco International Airport is the largest one from the Bay Area and a major gateway for European Asian nations. It serves travels to over 50 international cities with 45 different carriers, and has about 86 nonstop connections.

San Francisco Airport Disclosed a Data Breach on Two of its Websites
San Francisco Airport Disclosed a Data Breach on Two of its Websites

The airport, on April 7, 2020, disclosed an internal hack performed on two of its sites – SFOConnect and SFOConstruction. While the former ones used for travel information and helpline, the latter site specified to airport’s construction projects.

These may not seem that important, yet hackers breached into them and planted a malicious code, which scraped the login details of those who’ve entered in them. This was informed to all the staff and even pasted on SFOConstruction page. The airport said the breach happened in March this year, and now the malicious code was removed from both sites. The SFOConnect is now up and running, but the SFOConstruction is semi-finished.

Change the passwords immediately

In the notice statement, it said, “Users possibly impacted by this attack include those accessing these websites from outside the airport network through Internet Explorer on a Windows-based personal device or a device not maintained by SFO.” 

Besides taking both the sites offline after realizing the cyberattack, the airport has also force reset its SFO related email and network passwords on March 23rd itself.

After all, it advised everyone, those who’ve used the sites and potentially be affected, to change their passwords immediately. Further, change passwords to other websites that are of the same combination for cross-site hacks. SFO airport hasn’t mentioned anything about who the perpetrators could be and how that malicious code looked like.

Source: SFO Notice

LEAVE A REPLY

Please enter your comment!
Please enter your name here