This article is more than 1 year old

Ransomware grounds some flights at Indian budget airline SpiceJet

Incident comes a week after 'SAP glitch' kept some planes on the taxiway

Indian budget airline SpiceJet on Wednesday attributed delayed flights to a ransomware attack.

SpiceJet said the attack was quickly contained and rectified with flights again operating normally.

The company later was forced to clarify that its definition of “normally” meant flights delayed by ransomware had a cascading effect on its schedule, so while it whacked the ransomware passengers could still expect disruptions.

Some passengers, including high-profile ones like president of India's ruling Bharatiya Janata Party, Rajasthan Satish Poonia, took to Twitter to complain about the delay and lack of communication from the airline.

One passenger complained of sitting on a stationary aircraft for three hours and 45 minutes.

SpiceJet is the second largest airline in India measured by domestic passengers, and in pre-COVID 2019 claimed 13.6 percent market share.

The carrier has not discussed what variety of ransomware it experienced, the systems it impacted, and whether it paid the ransom or was able to swiftly restore systems. Whatever SpiceJet did to defeat ransomware, it fixed the problem at jet speed - operations resumed within hours rather than stretching into days as happened when Colonial Pipeline was infected.

The incident is SpiceJet's second tech mess in as many weeks, after it was last week denied departures from Delhi because the company was not up to date with payments to the Airports Authority of India (AAI).

The airline attributed the nonpayment to “a technical glitch in SAP”, according to The Times of India.

In 2020, a US security researcher reportedly gained access to one of SpiceJet’s systems by brute-forcing their way into the system thanks to an easily guessable password. That effort yielded an unencrypted database backup file containing private information of more than 1.2 million passengers.

SpiceJet is not alone among airlines when it comes to being slowed down by ransomware. Bangkok Airways suffered a LockBit attack in August 2021, resulting in over 100GB of data being disclosed when the airline chose not to pay the ransom. ®

More about


Send us news

Other stories you might like