SpiceJet, a low-cost Indian airline, has notified its customers of a ransomware assault that has disrupted parts of its systems and caused flight delays. According to a post on the airline’s social media sites, the airline’s IT staff was able to repel the attempt, and operations are now back to normal.
However, several consumer reports on Twitter and Facebook continue to highlight persistent issues, such as flight delays, unavailability of customer care via phone, and the reservations system. Only SpiceJet’s homepage was operational at the time of writing, with other underlying services and webpages failing to load.
On the other hand, the flight status tables were available and revealed enormous delays in all of the locations we examined, ranging from two to five hours. SpiceJet is India’s second-largest airline, as per public data, with a fleet of 102 planes serving over 60 destinations. The company employs over 14,000 people and controls around 15% of the local market.
As a result, a hack that disrupts its operations impacts a huge number of passengers in India and abroad, resulting in multi-hour delays and considerable financial losses. When SpiceJet was contacted for further information regarding the ransomware attack, a company spokesperson responded as follows:
“Certain SpiceJet systems faced an attempted ransomware attack last night that has impacted our flight operations. While our IT team has to a large extent contained and rectified the situation, this has had a cascading effect on our flights leading to delays. Some flights to airports where there are restrictions on night operations have been cancelled. SpiceJet is in touch with experts and cyber crime authorities on the issue.”
SpiceJet revealed a cybercrime incident (data breach) in January 2020 also, in which an unauthorized user gained access to a database backup file on one of the airline’s vulnerable servers. The file included the full names, flight details, phone numbers, email addresses, and dates of birth of 1,200,000 passengers who had flown with SpiceJet in the preceding month.
Then, SpiceJet experienced significant financial difficulties in 2021 due to grounding its fleet owing to COVID-19 regulations, citing a 28 percent yearly revenue loss that directly jeopardized the company’s long-term viability. It’s reasonable to imagine that the company’s severe financial circumstances didn’t leave much room for cybersecurity and incident response spending, which may have aided the ransomware attackers in this case.