Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

SFO discloses data breach following the hack of 2 of its websites

San Francisco International Airport (SFO) disclosed a data breach, its websites SFOConnect.com and SFOConstruction.com were hacked last month. In March hackers compromised two websites of San Francisco International Airport (SFO) and now it disclosed a data breach. SFO is a major gateway to Europe and Asia, it serves 45 international carriers. The attackers may have […]

Xsolis

San Francisco International Airport (SFO) disclosed a data breach, its websites SFOConnect.com and SFOConstruction.com were hacked last month.

In March hackers compromised two websites of San Francisco International Airport (SFO) and now it disclosed a data breach. SFO is a major gateway to Europe and Asia, it serves 45 international carriers.

The attackers may have gained access to some users’ login credentials after deploying malware on both websites.

“The attackers inserted malicious computer code on these websites to steal some users’ login credentials,” reads a message posted to both site’s by the SFO’s Airport Information Technology and Telecommunications (ITT) director. “Users possibly impacted by this attack include those accessing these websites from outside the airport network through Internet Explorer on a Windows-based personal device or a device not maintained by SFO.”

Hackers may have accessed the impacted users’ credentials and used them to log on to those personal devices. The SFO ITT urges anyone who even visited either website using the Internet Explorer web browser to change the device’s password.

The IT staff at the SFO has already removed the malicious code injected within its websites and took both offline after the attack.

In response to the incident, the SFO Airport reset all email and network passwords.

“The malicious code was removed from the affected websites. SFOConnect.com and SFOConstruction.com were taken offline. The airport also forced a reset of all SFO related email and network passwords on Monday, March 23, 2020.” continues the data breach notice.

At the time of writing, the SFOConnect is up and running, SFOConstruction points to a copy of the Notice of Data Breach stored on an S3 bucket.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]