A SpiceJet spokesperson confirmed the development, saying that Tuesday night’s ransomware attack slowed down flight departures this morning. After SpiceJet received several queries on the departure delay, the company tweeted, (translated) “Some SpiceJet systems suffered a ransomware attack last night, affecting and slowing down the flight this morning. Our IT team has The situation has been controlled and rectified and flights are operating normally.”
#ImportantUpdate: Certain SpiceJet systems faced an attempted ransomware attack last night that impacted and slowed down morning flight departures today. Our IT team has contained and rectified the situation and flights are operating normally now.
— SpiceJet (@flyspicejet) May 25, 2022
Meanwhile, as the stranded passengers complained of delay at the airport today, the ground staff informed them that the ‘server is down’. One of the passengers, Renu Tilwani, tweeted that a flight to Bengaluru, which was scheduled to take off at 9.30 am, will now take off at 1.30 pm. However, the officials are not giving details about the technical glitch, saying that they are unable to track down the incident.
In 2020, SpiceJet was reportedly affected by a security flaw that exposed personal information of over 1.2 million passengers, including flight information. The information is said to have been found in an unencrypted database file when a security researcher accessed a SpiceJet system by brute-forcing the password.
The flight to Bangalore was scheduled to depart at 9.30 am but its estimated to depart at 1.30 pm. The official statement of spicejet airlines said, ‘They are not able to track.’ Not providing other details regarding the technical glitch.@JM_Scindia @aai_gwalior@flyspicejet
— Renu Tilwani (@124blessedsoul) May 25, 2022
As reported by TechCrunch, the breach was carried out by a security researcher, who has not been named by the publication because he violated US computer hacking laws. The report claimed that the researchers used brute force method to hack SpiceJet’s systems. For those who do not know, let us tell you that this is a method in which hundreds of random passwords are run on the system and the correct password is guessed. As of last month, the system had an unencrypted backup file with the personal information of more than 1.2 million passengers, including such vital information as names, phone numbers, email addresses, dates of birth and flight information.