Security Affairs
FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

United Airlines reportedly hacked by same APT that breached OPM, Anthem

United Airlines reportedly hacked by same APT that breached OPM, Anthem. Let’s try to understand why and which are the risks for the US citizens. A Chinese APT group  believed to be responsible for a series of high-profile data breaches that affected the U.S. Office of Personnel Management, the Anthem, and more recently the United Airlines. According the media […]

United Airlines reportedly hacked by same APT that breached OPM, Anthem

United Airlines reportedly hacked by same APT that breached OPM, Anthem. Let’s try to understand why and which are the risks for the US citizens.

A Chinese APT group  believed to be responsible for a series of high-profile data breaches that affected the U.S. Office of Personnel Management, the Anthem, and more recently the United Airlines.

According the media agency Bloomberg, the United Airlines detected a cyber attack into its computer network at the end of May or early June, the journalists cited some unnamed sources familiar with the incident.

The source confirmed that the hacking crew that hacked United Airlines systems is the same APT that successfully carried out several cyber attacks.

Why the hackers targeted the United Airlines?

The investigators suspect that the Chinese APT is gathering information on million of Americans to run further attacks.

“The previously unreported United breach raises the possibility that the hackers now have data on the movements of millions of Americans, adding airlines to a growing list of strategic U.S. industries and institutions that have been compromised. Among the cache of data stolen from United are manifests — which include information on flights’ passengers, origins and destinations — according to one person familiar with the carrier’s investigation.” states Bloomberg.

The situation is scaring, if the news is confirmed, the Chinese hackers can cross this data with records stolen from the federal personnel office discovering the movements of personnel working in defense and intelligence, including contractors that are privileged targets for cyber espionage campaign. The situation is worse if we consider that possibility that hackers could cross-reference the huge amount of data with stolen medical and financial records, revealing possible avenues for blackmailing or recruiting people who have security clearances.

When cyber security experts reference Chinese APT, in the majority of cases they consider these groups linked to the Government of Beijing.

Chinese hackers espionage on United Airlines

Contacted for a comment, United Airlines didn’t immediately respond.

The situation is very concerning, according to a report submitted as testimony by Greg Wilshusen, director of information security issues at GAO, in a recent congressional hearing cybersecurity incidents that involved federal government have increased more than 1,000 percent since 2006.

The document reports that in the fiscal year 2014, federal agencies suffered 67,168 cyber security incidents that exposed personally identifiable information (PII), meanwhile the number of incidents in 2006 was just 5,503 (+ 1,121%).

Federal Government security GAO Report - attack against United Airlines

The number of cyber attacks increased as never before as their level of sophistication, it is essential that private firms and Government agencies will increase resilience of their systems against cyber attacks.

At the time I was writing another worrying news is circulating on the web, part of a Pentagon email network taken down over suspicious activity, the US authorities are investigating on the alleged intrusion.

Pierluigi Paganini

(Security Affairs –  Pentagon, United Airlines)