- Collins Aerospace has suffered a data breach
- This breach may affect passengers of Dublin and Cork airports
- Anyone affected may be at risk of identity theft or fraud
A key supplier for both Dublin and Cork airports has confirmed it suffered a data breach, which is said to involve the passenger details of potentially millions of people who flew through the airports in August 2025.
DAA, the managing authority for the two travel hubs, told the Irish Times a data security incident involving third-party supplier Collins Aerospace had resulted in boarding pass information published online by a ‘cyber-criminal group’.
While the DAA has reassured passengers they do not need to take any immediate action, if personal information is exposed, this could leave them at risk of identity theft or fraud - so they should monitor their accounts closely for any suspicious activity.
Ongoing investigation
Swedish airline SAS distributed an email warning passengers who flew to Dublin or Cork in August 2025 that their information may be affected;
“The affected files included your booking reference, first name, last name and Frequent Flyer Number. Based on this information, it is possible that other details connected to your booking – such as contact information and travel itinerary – could have been accessed. It is possible that this information may be leaked to the public by the unauthorised party.”
So far, there is no evidence of any direct impact on DAA systems themselves, and there seems to be no disruption to flights or bookings.
There has been a string of high-profile cybersecurity incidents in recent months, the vast majority of which originated through the initial breach of third-party contractors.
Recent research suggests that a third of all cyberattacks now involve third-party vendors or external platforms, highlighting the challenges security teams now face in ensuring the security not just of their own systems, but also of their partners.
