As summer travel ramps up, cybercriminals are ramping up their attacks — and airlines are in their crosshairs.
A hacking group known as Scattered Spider has been actively targeting North American airlines, aiming to breach internal systems and access sensitive data for extortion. The FBI recently issued a warning confirming the group’s activity and noting that the threat extends beyond the airlines themselves — vendors, contractors, and third-party IT providers are all at risk, making the entire air travel ecosystem vulnerable.
What Does This Mean for Summer Travelers?
If you’re flying this summer, it’s important to be aware that cybersecurity issues behind the scenes can potentially affect your travel experience. While there’s no need to panic, these recent cyberattacks may lead to:
- Delays accessing apps or websites
- Changes to account access or logins
- Unexpected password resets
- Customer service slowdowns during mitigation efforts
Recent Airline Cyber Incidents
In the past few weeks alone:
- WestJet reported a cyber incident affecting its internal systems in mid-June. Some users struggled to access the airline’s mobile app and website.
- Hawaiian Airlines confirmed a cybersecurity event impacting its IT infrastructure, though it’s unclear whether customer data was affected.
- Delta Air Lines proactively reset some customer accounts due to “unspecified security concerns” — a move the company said was precautionary, with no confirmed data breach.
What Are Airlines Doing About It?
Airlines are now working closely with cybersecurity experts and federal agencies like the FBI and CISA (Cybersecurity and Infrastructure Security Agency) to investigate and mitigate the impact. Recommendations include:
- Improving employee identity verification
- Limiting third-party IT access
- Enhancing training to prevent social engineering attacks
What You Can Do as a Traveler
While you can’t prevent a cyberattack on an airline, you can take steps to protect your personal information during your travels:
- Use strong, unique passwords for airline accounts.
- Enable MFA wherever possible.
- Be cautious of phishing emails pretending to be from airlines — especially if they ask you to click a link or provide personal information.
- Keep your airline apps up to date and monitor for service disruptions.
- Double-check any changes to your flight information or login credentials through official airline websites.
Final Thoughts
Air travel may feel routine, but it relies on highly complex, interconnected systems that are increasingly under attack. As you plan your summer getaway, keep in mind that cybercriminals like Scattered Spider are taking advantage of busy travel seasons to create chaos and cash in.
Stay alert. Stay secure. And enjoy your trip — safely. OptfinITy keeps our clients safe and protected from the latest threats. Interested in learning more? Reach out to us today at 703-790-0400 or sales@optfinity.com for a complimentary consultation.