Web app credentials were stolen in attacks on two airport websites.
San Francisco International Airport disclosed a data breach after two of its websites, SFOConnect.com and SFOConstruction.com, were hacked during March 2020. According to a notice of data breach sent to all SFO Airport employees, the attackers may have gained access to the login credentials of users registered on the two breached sites.
The attackers inserted malicious computer code on these websites to steal some users' login credentials. According to the notification, users possibly affected by this attack include those accessing the websites from outside the airport network through Internet Explorer on a Windows-based device not maintained by SFO.
The airport forced a reset of all SFO-related email and network passwords on Monday, March 23, 2020, and recommends that all users change their Windows devices' account passwords if they visited the two sites using Internet Explorer outside of the airport's managed networks.
For more, read here.
A listing of free products and services compiled for Dark Reading by Omdia analysts to help meet the challenges of COVID-19.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024