Data Breach Hits US Department of Transportation, Aviation Records Compromised

The alleged data breach includes crucial details like dates, airlines, flight numbers, origin and destination airports, timing details, distance, and more

A threat actor known as IntelBroker has claimed responsibility for a major data breach targeting the United States Department of Transportation (DOT). The federal executive department, entrusted with the planning, coordination, and implementation of federal transportation projects and policies, is now grappling with the fallout of a substantial compromise to its aviation department.

DOT Data Breach Details

The threat actor's post on BreachForums stated that the data was exfiltrated on January 7, 2024. The leaked database, purportedly containing sensitive information, encompasses 5.8 million flight logs from the year 2015.

The compromised data fields include crucial details such as date, day of the week, airline, flight number, tail number, origin airport, destination airport, scheduled departure, departure time, departure delay, taxi out, wheels off, scheduled time, elapsed time, air time, distance, wheels on, taxi in, diverted, and canceled.

The Cyber Express Team, upon learning of the data breach, promptly reached out to DOT officials for verification. As of now, no response has been received, leaving the claim unverified.

Adding to the mystery, the official DOT website appears fully functional, raising doubts about the authenticity of the breach. Whether the claim is a ploy to attract attention or has a hidden motive behind it remains uncertain until an official statement is released.

If the claim proves to be true, the implications of this data breach could be severe. The compromise of aviation records poses significant risks, including potential threats to national security and the safety of air travel.

Cyberattacks on Government Agencies

This incident is not isolated, as the U.S. government has faced a series of cyberattacks in recent years. In 2023, the United States Department of Commerce (DOC) fell victim to a cyberattack, resulting in the takedown of its website. Additionally, the National Institute of Standards and Technology (NIST) was targeted by the Anonymous Sudan hacktivist group in a separate incident.

The targeting of government entities extends beyond just departments; cybersecurity service providers are also in the crosshairs. In a previous attack, Telos, a well-known cybersecurity firm based in Virginia, allegedly fell victim to the notorious CL0P ransomware group.

Similarly, the Idaho National Laboratory, a crucial component of the United States Department of Energy, reportedly suffered a cyberattack claimed by the notorious SiegedSec hacker group.

What Could Be the Motive Behind the Attacks?

The recurring nature of these attacks raises concerns about the cybersecurity measures in place across government agencies and affiliated organizations.

The motive behind these cyberattacks remains unclear, but the trend indicates a concerted effort by threat actors to exploit vulnerabilities within these institutions.

The impact of this latest DOT data breach extends beyond the United States, affecting North America as a whole.

As the investigation unfolds, the cybersecurity community anxiously awaits official statements from the U.S. Department of Transportation and related authorities to ascertain the full extent of the DOT data breach and the measures being taken to mitigate its consequences.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

Samiksha Jain
