Airbus has reported that it had detected a cyber incident on its commercial aircraft business information systems, which resulted in “unauthorised access to data”. The manufacturer stated that there is no impact on Airbus’ commercial operations and that the incident is being “thoroughly investigated by Airbus’ experts who have taken immediate and appropriate actions to reinforce existing security measures and to mitigate its potential impact, as well as determining its origins”.
Airbus confirmed that some personal data was accessed, primarily the professional contact and IT identification details of some Airbus employees in Europe.
The company says that it is in contact with the relevant regulatory authorities and the data protection authorities pursuant to the GDPR (General Data Protection Regulation). Airbus employees are being advised to take all necessary precautions going forward.
This latest high-profile data breach has led to many security experts calling for a complete overhaul in systems used for storing sensitive data, and moving to designing systems from the outset with privacy built into the design.