The San Francisco International Airport experienced a cyberattack in March 2020 whose goal was to steal the Windows logins for employees of the airport. ESET has stated that this attack corresponds with the tactics, techniques, and procedures (TTPs) of the Russian attributed APT hacking group known as Dragonfly/Energetic Bear. SFO has forced a reset of all network and email passwords on Monday, March 23, 2020, as a safety measure. The hackers could use them to gain further access to the airport network to perform corporate espionage, steal files, or deploy ransomware on the network.
Source: https://www.bleepingcomputer.com/news/security/russian-hackers-tried-to-steal-san-francisco-airport-windows-accounts/