Air hostess sold access to Israeli airline system & leaked passengers data

A significant portion of the cybersecurity incidents reported worldwide was possible by the intervention (voluntary or involuntary) of internal staff in the affected organizations. According to information security experts, the personal data of multiple users of an Israeli-based airline was exposed by a flight attendant specializing in overseas flights.

The cybersecurity incident was reported by local news agency N12 News, resuming a security alert from the Israel Privacy Protection Authority.

Apparently, the airline employee allowed an unidentified business man to access the company’s databases for years in order to obtain confidential users’ information; when the airline’s IT team strengthened the security of their systems, frequent intrusions were detected. The entrepreneur is believed to have searched the airline’s records for commercial purposes, although no further details have been revealed. 

The individual accessed databases that stored sensitive personal records such as users’ medical records, VIP customers lists and frequent user information.

The airline notified the incident to the Privacy Protection Authority, which in turn reported that the investigation was turned in turn to the State Attorney’s Office, N12 News investigators claim. This organization will continue the investigation and determine the legal process to which those involved will be subjected. It should be noted that the authorities did not disclose the name of the airline concerned or the employee indicated for allowing improper access. Affected users are expected to be notified shortly.