A cybersecurity breach at **Collins Aerospace**, a third-party supplier for **Dublin Airport**, led to the compromise of passenger boarding-pass data for travelers who used the airport in **August 2025**. The exposed information—including **booking references, full names, Frequent Flyer Numbers, contact details, and travel itineraries**—was potentially published online by a **cyber-criminal group**. While no immediate fraudulent activity was reported, passengers were advised to monitor their bookings for suspicious behavior. The **Data Protection Commission (DPC)**, **Irish Aviation Authority**, and **National Cyber Security Centre** were notified, and affected airlines (e.g., **SAS**) began informing customers. The breach originated from Collins Aerospace’s IT systems, with no evidence of direct compromise of DAA’s infrastructure. Investigations remain ongoing, but the incident highlights risks tied to **third-party vendor vulnerabilities** and **large-scale passenger data exposure**.
TPRM report: https://www.rankiteo.com/company/dublin-airport-authority-daa-
"id": "dub3502135102525",
"linkid": "dublin-airport-authority-daa-",
"type": "Breach",
"date": "8/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Millions of passengers who '
'traveled through Dublin Airport '
'in August 2025',
'industry': 'Aviation',
'location': 'Dublin, Ireland',
'name': 'Dublin Airport Authority (DAA)',
'type': 'Airport Operator'},
{'industry': 'Aerospace/IT Services',
'name': 'Collins Aerospace',
'type': 'Third-Party Supplier'},
{'customers_affected': 'Passengers who departed from '
'Dublin Airport in August 2025',
'industry': 'Aviation',
'location': 'Sweden',
'name': 'Scandinavian Airlines (SAS)',
'type': 'Airline'}],
'customer_advisories': 'Airlines (e.g., SAS) notified affected passengers via '
'email about potential exposure of booking details.',
'data_breach': {'data_exfiltration': True,
'file_types_exposed': ['Boarding pass files'],
'number_of_records_exposed': 'Potentially millions '
'(passengers who traveled in '
'August 2025)',
'personally_identifiable_information': True,
'sensitivity_of_data': 'High (includes personally '
'identifiable information)',
'type_of_data_compromised': ['Boarding pass data (August '
'1–31, 2025)',
'Passenger names',
'Booking references',
'Frequent Flyer Numbers',
'Contact information',
'Travel itineraries']},
'date_detected': '2025-09-18',
'date_publicly_disclosed': '2025-10-21',
'description': 'A cyber-criminal group compromised a key supplier (Collins '
'Aerospace) of Dublin Airport, exposing boarding pass data of '
'passengers who traveled through the airport in August 2025. '
'The breach was detected on September 18, 2025, when Collins '
'Aerospace notified DAA (Dublin Airport Authority). The '
'exposed data includes passenger names, booking references, '
'Frequent Flyer Numbers, contact information, and travel '
'itineraries. The data was potentially published online by the '
'cyber-criminal group. An investigation is ongoing, with '
'coordination between DAA, regulators (DPC, Irish Aviation '
'Authority, National Cyber Security Centre), and affected '
'airlines (e.g., SAS). No direct impact on DAA systems has '
'been confirmed, but passengers are advised to monitor for '
'unusual activity.',
'impact': {'brand_reputation_impact': 'Potential reputational damage to '
'Dublin Airport Authority (DAA) and '
'Collins Aerospace due to exposure of '
'passenger data',
'data_compromised': ['Passenger names (first and last)',
'Booking references',
'Frequent Flyer Numbers',
'Contact information',
'Travel itineraries'],
'identity_theft_risk': 'High (due to exposure of PII like names, '
'booking references, and contact details)',
'legal_liabilities': 'Regulatory notifications to Data Protection '
'Commission (DPC), Swedish Authority for '
'Privacy Protection (via SAS airline)',
'systems_affected': ['Collins Aerospace IT systems (third-party '
'supplier)']},
'initial_access_broker': {'high_value_targets': ['Passenger boarding pass '
'data (August 2025)']},
'investigation_status': 'Ongoing (as of October 2025)',
'ransomware': {'data_exfiltration': True},
'references': [{'date_accessed': '2025-10-21', 'source': 'The Irish Times'},
{'date_accessed': '2025-10-21',
'source': 'Scandinavian Airlines (SAS) Customer Advisory'}],
'regulatory_compliance': {'regulatory_notifications': ['Data Protection '
'Commission (DPC) - '
'reported on '
'2025-09-19',
'Swedish Authority for '
'Privacy Protection '
'(via SAS airline)']},
'response': {'communication_strategy': 'Airlines (e.g., SAS) notified '
'affected passengers via email; DAA '
'issued public statements and advised '
'passengers to monitor for unusual '
'activity.',
'incident_response_plan_activated': True,
'third_party_assistance': ['Irish Aviation Authority',
'Data Protection Commission (DPC)',
'National Cyber Security Centre',
'Affected airline partners (e.g., '
'SAS)']},
'stakeholder_advisories': 'Passengers advised to monitor for unusual activity '
'related to their bookings; no immediate action '
'required.',
'threat_actor': 'Cyber-criminal group',
'title': 'Data Security Breach at Dublin Airport’s Third-Party Supplier '
'(Collins Aerospace)',
'type': 'Data Breach'}