A hacking group that infiltrated into the network of San Francisco’s International Airport in March 2020 is reported to have access login credentials used by employees on two of its websites- SFOConnect.com and SFOConstruction.com. And the interesting part in this hacking story is that the threat actors were not interested in seeking the data from the website, but were rather interested in knowing the login credentials of those accessing the websites from their respective windows devices and IE browsers.
Authorities from the 7th busiest airport’s in North America are urging users to change their email and windows device passwords accordingly and said that an email alert in this regard will be posted to the victims by this weekend.
Cybersecurity Insiders has learned that the breach took place when hackers maliciously injected code into the said 2 websites to steal the user credentials. Both the websites were pulled down as soon as the incident was identified. But SFOConnect has been restored last week and SFOConstruction will be restored by the end of this week.
Note 1- SFO aka San Francisco International Airport is one of the North American airports widely recognized across the world as it operates non-stop flights to 86 cities and supports transit connectivity to over 12 domestic airlines.
Note 2- Created in 1980, SFO also hosts a museum in collaboration with the Airport Commission and the Fine Arts Museum.
Note 3- SFO happens to be home to the largest single aircraft maintenance bases in the world which covers all operations related to MRO-Maintenance repair, overhaul, painting, welding, machine shop, took and dyes, parts manufacturing, assembling, fabrication, engineering and retrofitting.