Airline carrying out deportation flights confirms cyberattack to SEC

An airline involved in deportation flights on behalf of the Trump administration confirmed reports of a cybersecurity incident with the U.S. Securities and Exchange Commission (SEC) on Friday.

Global Crossing Airlines Group said a cyberattack on May 5 gave hackers access to “systems supporting portions of its business applications.” The filing with the SEC confirms reporting this week from the news outlet 404 Media, which was contacted by a hacker with information allegedly stolen from the company about ICE deportation flights. 

The company, which has facilitated hundreds of ICE deportation flights through a subcontractor since last year, offered few details about the incident. 

Law enforcement has been contacted and a cybersecurity firm was hired but the company did not respond to several inquires about what data was taken and whether the hacker identified themselves. 

The FBI and DHS declined to comment. 

Global Crossing Airlines Group noted that none of its operations were disrupted and that it does not believe the incident will have a “material effect on the company’s financial condition.”

The alleged hacker behind the incident, who called themselves Anonymous, told 404 Media that they defaced the company’s website before stealing flight records and manifests. The data provided to 404 Media was verified against public reports and incidents of deportations — and includes evidence of the company’s involvement in two notable flights in March.

The company, which also refers to itself as GlobalX, is a Miami-based airline offering passenger and cargo flights in the U.S., Latin America, Europe and the Caribbean.

It reported a 2023 revenue of $160 million and makes about $65 million annually from its work with ICE. 

The Department of Homeland Security and ICE did not respond to requests for comment about the data stolen or the incident.