Click Here for Notice
April 7, 2020
TO: All Airport Commission Employees
FROM: Airport ITT
SUBJECT: Notice of Data Breach
What happened? SFOConnect.com and SFOConstruction.com were the targets of a cyberattack in March 2020. The attackers inserted malicious computer code on these websites to steal some users’ login credentials. Users possibly impacted by this attack include those accessing these websites from outside the airport network through Internet Explorer on a Windows-based personal device or a device not maintained by SFO.
What information was involved? At this time, it appears the attackers may have accessed the impacted users’ usernames and passwords used to log on to those personal devices.
What we are doing? The malicious code was removed from the affected websites. SFOConnect.com and SFOConstruction.com were taken offline. The airport also forced a reset of all SFO related email and network passwords on Monday, March 23, 2020.
What you can do? If you visited either website outside of SFO’s managed networks and using Internet Explorer on a Windows-based device, you should change the password you use to log in to that device. You should also consider changing any credentials that use the same username and password combination. For more information, please contact SFO by email: firstname.lastname@example.org