Indian low-cost airline SpiceJet recently informed its passengers of an attempted ransomware strike that has negatively affected its systems, resulting in delayed flight departures.

The attack was announced via a published statement on the budget airline’s dedicated social media channels. The announcement explained that its resident IT team was able to foil the attempt and return the airline to its normal operating status.

According to data available to the public, SpiceJet is currently India’s second-largest airline. It now operates a fleet of over 100 aircrafts and covers more than 60 different destinations. The company has a staff of more than 14,000 personnel.

Major disruptions to site and services

Unfortunately, despite SpiceJet’s notice, multiple customer posts made on social media platforms Facebook and Twitter soon after the airline’s announcement continued to report continuing issues. Customers highlighted flight delays, stating that phone-based customer services remained unreachable, and that the airline’s bookings system was unavailable. A subsequent examination of the airline’s website found that only its homepage was operational and that most of its webpages and underlying systems were unable to load. However, its tables displaying flight status were fully accessible and showed severe delays of between two to five hours in length for multiple destinations.

As the second largest airline in India, it is understood that a cyberattack on SpiceJet will have a significant impact on many passengers across the country, as well as the international destinations flights were bound for. As a result, these multi-hour delays may translate directly into substantial financial losses.

Statement from SpiceJet

Computer help site BleepingComputer reached out to the Indian airline following the attacks, requesting further details regarding the ransomware attack. A spokesperson for the flight operator commented:

“Certain SpiceJet systems faced an attempted ransomware attack last night that has impacted our flight operations. While our IT team has to a large extent contained and rectified the situation, this has had a cascading effect on our flights leading to delays. Some flights to airports where there are restrictions on night operations have been cancelled. SpiceJet is in touch with experts and cybercrime authorities on the issue.”

Back in January 2020, the airline made the headlines when passenger data was disclosed in a breach. SpiceJet confirmed it had suffered a data breach incident that enabled an unauthorised individual to illegally access a backup file of its database that was being held on one of the airline’s servers, as it had been inadequately protected.

The data file was not encrypted and contained information on 1,200,000 different passengers who had travelled with SpiceJet. The data exposed included their full names, phone numbers, flight information, dates of birth and personal email addresses.

In 2021, the airline, like many others, suffered severe financial issues because of having to ground its fleet to meet COVID-19 restrictions. It reported a 28% loss to its annual revenue, which threatened its ability to continue to operate. Such financial losses may be instrumental in the lack of funds available for investing in cybersecurity measures to defend against the ransomware attack recently experienced by the company.

Easy-to-use data protection

At Galaxkey, we’ve created a platform that quickly and easily encrypts your data to ensure that only those authorised can see the data you send out. To show you how great the platform is, you can have a free 14-day trial.