GlobalX, a charter airline that has been enlisted by the US government for deportation purposes, has confirmed that it experienced a cybersecurity breach within its network infrastructure. The company disclosed the information through an SEC filing on May 9, 2025, detailing that unauthorized activity was detected on May 5, prompting immediate incident response measures.
Upon discovering the unauthorized access, GlobalX activated its incident response protocols and engaged third-party cybersecurity experts to assist in containing and investigating the incident. The airline has taken steps to contain the breach and isolate affected servers to prevent any further intrusion. The complete scope and impact of the breach remain uncertain as investigations are ongoing.
While GlobalX has not publicly communicated this incident beyond the necessary legal disclosures, the incident has raised concerns among industry experts. Reports suggest that the breach may involve the theft of sensitive flight records and passenger manifests, some of which relate to deportation flights, dating back to January. Cybercriminals often employ data exfiltration as a tactic to extort companies.
The airline has informed law enforcement and is working diligently to understand the full extent of the attack. Despite the severity of the situation, GlobalX indicated in its filings that there has been no disruption to its operations as a result of the incident. The airline continues to uphold its commitment to robust cybersecurity practices, as stated in its investor presentation.