A hacker group claiming ties to Anonymous has reportedly breached GlobalX Airlines, leading to the release of sensitive flight and passenger data associated with controversial deportation flights.
GlobalX Airlines, a US charter airline contracted by the government for deportation operations, has found itself the target of a cyber attack by hacktivists aligned with Anonymous. The attackers have allegedly gained access to sensitive flight data, including passenger manifests, and defaced the airline’s website with a politically loaded message denouncing its involvement in contentious deportations.
The defaced webpage prominently featured the iconic Guy Fawkes mask, emblematic of Anonymous, alongside a message directed at a former US President. This message referenced a “Judge’s order” and accused GlobalX of ignoring lawful directives and furthering “fascist plans.” Such rhetoric indicates that the attack was ideologically motivated, reflecting the group’s disapproval of the airline’s role in deportation activities in the US.
In addition to the symbolic website defacement, the hacktivists have contacted journalists to disclose a vast cache of leaked data. This information reportedly includes detailed logs of flights, comprehensive passenger lists, and itinerary details spanning several months. Verification efforts by media outlets have confirmed the authenticity of this data against official Immigration and Customs Enforcement (ICE) records.
The data leak specifically highlights flights involved in the deportation of numerous Venezuelan migrants, some of whom were contesting their deportation at the time. The breach’s initiation stemmed from the discovery of a developer token associated with GlobalX, which allowed unauthorized access to the airline’s Amazon Web Services (AWS) cloud storage, thereby exposing critical infrastructure vulnerabilities.
The attackers did not stop at stealing data and defacing the website; they also claimed to have sent internal communications to pilots via NAVBLUE, a flight operations tool, and accessed the airline’s GitHub repository, which is typically used for code management. Such actions illustrate a sophisticated level of access and manipulation beyond mere data exfiltration.
One alarming case linked to the breach involves Ricardo Prada Vásquez, a Venezuelan national whose name appeared on a flight manifest indicating his deportation to El Salvador. His family alleges that he has been unaccounted for since his interaction with US immigration authorities.
This incident raises significant concerns about the security of sensitive data, especially against the backdrop of heightened scrutiny of the Trump administration’s data handling practices. Recent reports on the sharing of military plans via unsecured messaging platforms and data breaches impacting governmental applications further emphasize the potential risks associated with inadequate data security measures.
The situation surrounding GlobalX Airlines underscores the serious implications of hacking activities motivated by political agendas. The breach not only disrupts operations but also shines a spotlight on the regulatory and security protocols employed by organizations handling sensitive information. As developments unfold, further insights will be provided regarding responses from GlobalX and relevant immigration authorities.
