ANJ, February 9 - Reports have emerged claiming that a significant data breach may have compromised EgyptAir's internal systems, with an alleged database containing over 100,000 records from human resources and recruitment departments being offered for sale on underground cybercrime platforms. The purported leak reportedly includes highly sensitive employee information such as full names, national identification numbers, professional email addresses, and even cleartext passwords. If authentic, this exposure would represent a serious cybersecurity incident for Egypt's national flag carrier, potentially enabling identity theft, targeted phishing attacks, and unauthorized access to corporate networks in the aviation sector.
The advertised dataset appears to encompass detailed personnel files, including job application records and HR-related documents, raising concerns about the scale and depth of the alleged compromise. Cybersecurity monitoring services have flagged the claims as an emerging threat intelligence alert, highlighting the risks to employee privacy and organizational security. Aviation companies remain prime targets for cybercriminals due to the valuable nature of passenger and staff data, which can be exploited for fraud or further intrusions. Such incidents underscore the persistent vulnerabilities in the transportation industry's digital infrastructure.
🚨Cyberattack Alert ‼️
— Hackmanac (@H4ckmanac) February 9, 2026
🇪🇬Egypt - EgyptAir
Threat actor “quellostanco” claimed to be selling a full database allegedly stolen from EgyptAir, advertising it on a cybercrime forum.
The dataset reportedly includes about 104,000 records from HR and recruitment systems, with… pic.twitter.com/UJPeJEd20A
Despite the alarming details circulating in threat intelligence channels, no official confirmation has been issued by EgyptAir regarding the validity of the claimed breach or the authenticity of the data being offered for sale. The airline has not released any public statements acknowledging a cybersecurity incident, data exfiltration, or ongoing investigation. Until verified evidence surfaces or an official acknowledgment is made, the reported leak should be treated with caution, as unconfirmed claims on illicit forums frequently include fabricated or exaggerated material designed to attract buyers or create disruption.
The potential implications of a confirmed breach would be substantial, affecting not only individual employees but also the broader trust in EgyptAir's data protection practices. Airlines worldwide face mounting pressure to strengthen defenses against evolving cyber threats, including regular vulnerability assessments, encryption of sensitive databases, and proactive monitoring for unauthorized access. For now, stakeholders and affected individuals are advised to remain vigilant for signs of misuse while awaiting any formal update from the carrier.