A significant portion of the cybersecurity incidents reported worldwide was possible by the intervention (voluntary or involuntary) of internal staff in the affected organizations. According to information security experts, the personal data of multiple users of an Israeli-based airline was exposed by a flight attendant specializing in overseas flights.
The cybersecurity incident was reported by local news agency N12 News, resuming a security alert from the Israel Privacy Protection Authority.
Apparently, the airline employee allowed an unidentified business man to access the company’s databases for years in order to obtain confidential users’ information; when the airline’s IT team strengthened the security of their systems, frequent intrusions were detected. The entrepreneur is believed to have searched the airline’s records for commercial purposes, although no further details have been revealed.
The individual accessed databases that stored sensitive personal records such as users’ medical records, VIP customers lists and frequent user information.
The airline notified the incident to the Privacy Protection Authority, which in turn reported that the investigation was turned in turn to the State Attorney’s Office, N12 News investigators claim. This organization will continue the investigation and determine the legal process to which those involved will be subjected. It should be noted that the authorities did not disclose the name of the airline concerned or the employee indicated for allowing improper access. Affected users are expected to be notified shortly.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.