European aerospace corporation Airbus SE has revealed that a digital security incident recently affected some of its computer systems. In a press release published on 30 January, Airbus confirmed that its “Commercial Aircraft business” information systems suffered a security incident. The corporation said that the event did not affect Airbus' commercial operations. But it clarified that the episode did result in unknown individuals gaining unauthorized access to certain information. As Airbus explains in its statement:
Investigations are ongoing to understand if any specific data was targeted, however we do know some personal data was accessed. This is mostly professional contact and IT identification details of some Airbus employees in Europe.
This isn't the first time that an aerospace company has suffered a security incident. In March 2018, Airbus's rival Boeing suffered an attack by WannaCry, ransomware which affected 34 percent of National Health Service (NHS) trusts in England during its May 2017 outbreak. As reported by The Seattle Times, the infection at Boeing involved a limited number of machines, so the company was able to resolve the attack without interruption to its 777 jet program by deploying some software patches.
A year earlier than that, Boeing notified the Attorney General for Washington State about a separate security incident in which an employee sent an email containing the sensitive information of 36,000 other employees to his non-Boeing spouse. At this time, Airbus is still investigating the security incident with respect to how it happened and what actions it can take to reinforce the security measures protecting its information systems. It's also advising employees to take precautions going forward, and it is maintaining contact with data protection authorities who are charged with upholding the European Union's General Data Protection Regulation (GDPR). While they wait for additional information from their employer, Airbus employees should follow these steps to protect themselves against identity theft.
