Two websites affiliated with San Francisco International Airport (SFO) were compromised with code last March, allowing attackers to steal device login credentials from users who visited these sites, airport officials have disclosed.

The breach affected the websites SFOConnect.com, which appears to deliver informational content to the SFO workforce, and SFOConstruction.com, which includes details on airport construction projects, bids and contracts.

In an online notification posted this week, SFO says the incident may have affected individuals who specifically accessed the two websites using an Internet Explorer browser installed on either a personal Windows device or a device not maintained by SFO.