image

LA Intl. Airport Breach! 2.5M Private Plane Owners' Data leaked

The notorious hacker known as IntelBroker is making headlines once again with a daring alleged breach targeting one of the United States’ most critical organizations: the Los Angeles International Airport.

In a bold move, IntelBroker claims to have breached the database of the Los Angeles International Airport, making off with a trove of confidential user data belonging to private plane owners – The breach, according to the hacker, took place in February 2024.

It is important to note that no customer or traveller data is involved in this breach. However, the incident has apparently resulted in the compromise of a significant 2.5 million records, including sensitive information such as:

  • Full names
  • CPA numbers
  • Email addresses (1.9 million emails – total 15,8000 emails after removing duplicates).
  • Company names
  • Plane model numbers
  • Tail numbers (Refers to an identification number painted on an aircraft tail).

The breach was publicly disclosed by IntelBroker on the notorious hacker and cybercrime platform Breach Forums, adding another high-profile hack to their already extensive. Notable targets of IntelBroker’s previous hacks include the Weee! Grocery platform, General Electric, Staffing Giant Robert Half, and a recent data leak involving a partial Facebook Marketplace database.

Upon learning of the breach, Hackread.com promptly reached out to IntelBroker, who confirmed their involvement and provided limited insight into their methods. According to IntelBroker, they exploited a vulnerability in the airport’s Customer Relationship Management (CRM) system (CRM system) to gain unauthorized access to the database, highlighting the critical need for organizations to strengthen their cybersecurity measures in the face of growing threats from skilled hackers like IntelBroker.

The screenshot below, obtained from Breach Forums, displays the listing of the data breach. It is important to highlight that the breach details attribute the hack to a user named “kwillsy.” However, in a statement to Hackread.com, IntelBroker clarified that “kwillsy” is not associated with the breach, and they take full responsibility for the hack.

Hackread.com has contacted the relevant authorities at the LA Airport, and this article will be updated accordingly pending their response.

Increasing Data Breaches

During the initial months of 2024, there has been a marked surge in data breaches impacting various sectors, encompassing both corporate entities and governmental bodies. Last week, Infosys disclosed a breach that affected more than 57,000 Bank of America customers.

In earlier weeks of the same month, two prominent US insurance firms, Washington National Insurance Company and Bankers Life and Casualty Company, reported breaches linked to SIM-swapping incidents, impacting over 66,000 customers collectively.

In January, Jason’s Deli encountered a significant breach, exposing the personal details of over 344,000 users due to a successful credential-stuffing attack. Concurrently, hackers targeted Indian ISP Hathway, compromising the personal information and KYC records of over 4 million unsuspecting customers.