Airport Chaos Unleashed: Leaked Credentials Give Hackers Keys to 200+ Global Airports
Security researchers at Cloud Sec just intercepted a massive leak of credentials from a major third-party maintenance provider that holds admin access to IT systems for over 200 airports worldwide.[1] With no multi-factor authentication in place, one compromised password could let attackers wreak havoc on flight scheduling, ground operations, and more.
These aren’t random creds: the provider’s accounts pack “keys to the kingdom” privileges across critical aviation infrastructure.[1] No specific CVE here, but the breach echoes patterns from threat actors like Zestix, who hit cloud-sharing services (ShareFile, Nextcloud, OwnCloud) via stolen credentials, targeting aviation among other sectors like defense and healthcare.[3] Imagine attackers disrupting runways or falsifying flight data in real time.
So What? Developers and security teams: if your org relies on third-party vendors for critical ops, audit those access creds now. No MFA? You’re begging for compromise. Aviation’s just the start: similar leaks hit utilities, transit, and gov systems, turning one weak link into global disruption.[3] Update your vendor risk assessments and enforce zero-trust everywhere.
My take: This is a wake-up call screaming louder than a jumbo jet takeoff. Aviation runs on trust in these providers—ignore MFA at your peril, or watch the skies turn into a hacker’s playground.

