A hacking group that infiltrated into the network of San Francisco’s International Airport in March 2020 is reported to have access login credentials used by employees on two of its websites – SFOConnect.com and SFOConstruction.com. And the interesting part in this hacking story is that the threat actors were not interested in seeking the data from the website, but were rather interested in knowing the login credentials of those accessing the websites from their respective windows devices and IE browsers.
Authorities from the 7th busiest airport’s in North America are urging users to change their email and windows device passwords accordingly and said that an email alert in this regard will be posted to the victims by this weekend.
Cybersecurity Insiders has learned that the breach took place when hackers maliciously injected code into the said 2 websites to steal the user credentials. Both the websites were pulled down as soon as the incident was identified. But SFOConnect has been restored last week and SFOConstruction will be restored by the end of this week.