Connect with us

Business

SpiceJet airline passengers stranded after ransomware attack

Published

on

Low-cost Indian airline SpiceJet has informed its customers today of an attempted ransomware attack that has impacted some of its systems and caused delays on flight departures.

According to the announcement published on the airline’s social media channels, its IT team managed to thwart the attack, so everything is back to normal operational status.

However, multiple customer reports on Twitter and Facebook still reflect ongoing problems, highlighting flight delays, saying that customer service via phone is unreachable, and the bookings system remains unavailable.

Customer complaints on Twitter
Customers reporting lack of service availability

BleepingComputer confirmed at the time of writing that only the homepage of SpiceJet was working, while most underlying systems and webpages failed to load.

The flight status tables were accessible, though, and showed massive delays on all destinations we’ve checked, ranging between two to five hours.

A flight delay notice on SpiceJet site
A flight delay notice on SpiceJet site

According to public data, SpiceJet is the second-largest airline in India, operating a fleet of 102 aircrafts to serve over 60 destinations. The firm has more than 14,000 eployees and holds about 15% of the local market share.

As such, a cyberattack impacting its operations affects a large number of passengers across India and international destinations, and those multi-hour delays translate to significant financial losses.

BleepingComputer has reached out to SpiceJet for more details about the ransomware attack and a company spokesperson shared the following statement:

Certain SpiceJet systems faced an attempted ransomware attack last night that has impacted our flight operations. While our IT team has to a large extent contained and rectified the situation, this has had a cascading effect on our flights leading to delays.

Some flights to airports where there are restrictions on night operations have been cancelled. SpiceJet is in touch with experts and cyber crime authorities on the issue.

Previous trouble

In January 2020, SpiceJet confirmed a data breach incident that allowed an unauthorized individual to access a database backup file on one of the airline’s poorly protected servers.

The file contained unencrypted information of 1,200,000 passengers who had used SpiceJet’s services in the previous month, including their full names, flight information, phone numbers, email addresses, and dates of birth.

In 2021, SpiceJet went through severe financial trouble result of grounding its fleet due to COVID-19 restrictions, reporting an annual revenue loss of 28%, which directly threatened the sustainability of its business.

It is easy to assume that this dire financial situation didn’t leave much margin for investing in cybersecurity and incident response, which might be what allowed the ransomware actors in this case to launch a successful attack.

Source: https://www.bleepingcomputer.com/news/security/spicejet-airline-passengers-stranded-after-ransomware-attack/

Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2023 Cyber Reports Cyber Security News All Rights Reserved Website by Top Search SEO