Cyber Incident Victim: Tom Bradley International Terminal
Date:
Mar 2015
Location:
United States of America
Summary
A credit card data breach occurred at the Tom Bradley International Terminal within Los Angeles International Airport, compromising payment information for an unspecified number of individuals. The investigation centered on a single, unnamed business operating in the terminal. At least 19 airport employees working in the affected area subsequently experienced fraudulent charges on their payment cards. Authorities did not disclose further details regarding the scope of the compromise or the specific methods used to access the data.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In March 2015, a credit card data breach occurred at the Tom Bradley International Terminal within Los Angeles International Airport (LAX), compromising payment card information for an undetermined number of individuals. Airport police confirmed the incident and initiated an investigation focused on a single, unnamed business operating inside the terminal. The breach resulted in confirmed fraudulent activity impacting at least 19 airport employees who worked in the terminal, with their credit or debit cards being misused following the compromise. Authorities did not disclose the timeframe during which the data was exposed or the specific methods used to access the payment systems. The targeted business’s identity remained undisclosed throughout the initial investigation phase, limiting public awareness of the precise point of compromise. Media outlets including KABC and CBS reported the breach, highlighting concerns over financial risks for travelers who had conducted transactions within the terminal. No further details regarding the scale of the breach beyond the employee victims or the total number of potentially affected customers were released by investigators at the time of reporting.
The incident directly impacted the 19 identified employees through unauthorized charges on their cards, demonstrating tangible financial harm linked to the terminal’s breach. Airport police provided no public updates on containment measures, forensic findings, or whether the compromised business had rectified vulnerabilities. Public guidance was limited to recommendations that individuals who used credit or debit cards at the terminal monitor their accounts for suspicious transactions. The lack of specific business identification hindered targeted consumer awareness, leaving all terminal patrons uncertain about their exposure risk. Media coverage emphasized the absence of critical details, such as the duration of the breach or the types of payment systems involved, while confirming the investigation’s narrow focus on a single entity within the terminal. The breach underscored persistent risks to payment card security in high-traffic retail environments like airports, though no broader system-wide compromises at LAX were alleged. Financial institutions and card networks likely initiated standard fraud monitoring procedures for cards used in the terminal during the relevant period, though no collaborative actions with law enforcement were detailed in available reports.