A data broker owned by some of America’s biggest airlines has been selling access to customer flight data to the US Department of Homeland Security (DHS).
The data, compiled by data broker Airlines Reporting Corporation (ARC), includes names, flight itineraries, and financial details. It also covers flights booked via US travel agencies. ARC makes this data available to Customs and Border Protection (CBP), along with Immigration and Customs Enforcement (ICE), both of which were previously known as the US Customs Service until 2003, and both of which are offices under DHS. ARC is owned and operated by eight major US airlines and is unique in being the only financial intermediary between the airline industry and US travel agencies, according to the data broker’s contract with ICE.
Read more…
Source: Malwarebytes Labz
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- US Department of Homeland Security reportedly sent hundreds of subpoenas seeking to unmask anti-ICE accounts
February 14, 2026
The Department of Homeland Security has been increasing pressure on tech companies to identify the owners of social media accounts that criticize Immigration and Customs Enforcement (ICE), according to The New York Times. This echoes other recent reporting, with Bloomberg pointing to five cases in which Homeland Security sought to identify the owners of anonymous Instagram ...
- Paris prosecutor’s cybercrime unit searches X office
February 3, 2026
French police raided the offices of Elon Musk’s social media network X on Tuesday and prosecutors ordered the tech billionaire to face questions in April in a widening investigation, amid growing scrutiny of the platform by authorities across Europe. France’s raid and the summoning of Musk — which could further increase tensions between Europe and the ...
- New Jersey health system agrees to pay $4.5M in data breach settlement
February 3, 2026
Capital Health, a health care provider with multiple locations in New Jersey and Pennsylvania, will pay $4.5 million as part of a settlement over a 2023 data breach that compromised the private information of patients, former patients and employees. In a statement, the company said the stolen information included names, addresses, social security numbers, dates of ...
- Russian ransomware hackers allegedly hit Tulsa airport in cyberattack, dump private files online as proof
February 2, 2026
Russian ransomware operators Qilin have claimed to have broken into the Tulsa International Airport and stolen an unspecified amount of sensitive company data. A report from Cybernews says the group recently added the airport to their data leak site, and included 18 samples as proof of their claims. The researchers analyzed the samples, finding it included ...
- Oregon residents health data stolen in TriZetto breach
January 31, 2026
Thousands more Oregonians will soon receive data breach letters in the continued fallout from the TriZetto data breach, in which someone hacked the insurance verification provider and gained access to its healthcare provider customers across multiple US states. The breach occurred back in November 2024, with intruders snooping through protected health information and other sensitive personal ...
- Informant told FBI that Jeffrey Epstein had a ‘personal hacker’
January 30, 2026
A confidential informant told the FBI in 2017 that Jeffrey Epstein had a “personal hacker,” according to a document released by the Department of Justice on Friday. The document, which was released as part of the Justice Department’s legally required effort to publish documents related to its investigation into the late sex offender, does not identify ...