• Home
  • cyber
  • WestJet and Hawaiian Airlines: North American airlines targeted by cyberattacks
cyber Ransomware

WestJet and Hawaiian Airlines: North American airlines targeted by cyberattacks

Jun 27, 2025 2 min read
WestJet and Hawaiian Airlines: North American airlines targeted by cyberattacks

Cybercriminal Group Scattered Spider Targets North American Airlines in Recent Attacks

At least two major North American airlines WestJet and Hawaiian Airlines have confirmed cyberattacks in June, as the FBI and cybersecurity firms warn of a surge in threats against the aviation industry. The attacks have been linked to Scattered Spider, a notorious cybercriminal group known for its social engineering tactics and ransomware deployments.

WestJet first detected the breach on June 13, stating it had made "significant progress" in resolving the incident, though details on operational disruptions remain unclear. Hawaiian Airlines disclosed in an SEC filing on June 17 that it had identified a hack but confirmed flights were operating normally. Meanwhile, American Airlines reported a separate "technology issue" on June 21, though it has not confirmed whether the incident was cyber-related.

Scattered Spider, described by cybersecurity firms as a loosely organized group of young, English-speaking hackers, specializes in phishing and social engineering to gain access to corporate systems. Once inside, they often hand off control to ransomware operators, who lock critical systems and demand payment. The group has previously targeted Las Vegas casinos in 2023 and British retailers earlier this year, causing widespread disruptions, including supply chain shortages for Whole Foods.

The FBI issued a public warning on June 21, stating that Scattered Spider was actively targeting aviation and that the agency was collaborating with industry partners to mitigate the threat. Google’s Mandiant and Palo Alto Networks have also observed the group’s recent focus on the sector, with Mandiant’s CTO, Charles Carmakal, noting multiple incidents in transportation and aviation.

While both WestJet and Hawaiian Airlines have assured that flights remain unaffected, the full scope of the breaches including potential data exposure remains under investigation. The attacks underscore the aviation industry’s growing vulnerability to sophisticated cyber threats.

Source: https://www.nbcnews.com/tech/security/american-airlines-targeted-cyberattacks-westjet-hawaii-rcna215645

Hawaiian Airlines cybersecurity rating report: https://www.rankiteo.com/company/hawaiian-airlines

WestJet cybersecurity rating report: https://www.rankiteo.com/company/westjet

"id": "HAWWES1773167326",
"linkid": "hawaiian-airlines, westjet",
"type": "Ransomware",
"date": "6/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'aviation',
                        'location': 'North America',
                        'name': 'WestJet',
                        'type': 'airline'},
                       {'industry': 'aviation',
                        'location': 'North America',
                        'name': 'Hawaiian Airlines',
                        'type': 'airline'},
                       {'industry': 'aviation',
                        'location': 'North America',
                        'name': 'American Airlines',
                        'type': 'airline'}],
 'attack_vector': ['phishing', 'social engineering'],
 'date_detected': '2024-06-13',
 'date_publicly_disclosed': '2024-06-17',
 'description': 'At least two major North American airlines, WestJet and '
                'Hawaiian Airlines, confirmed cyberattacks in June linked to '
                'the cybercriminal group Scattered Spider. The FBI and '
                'cybersecurity firms warn of a surge in threats against the '
                'aviation industry. Scattered Spider is known for social '
                'engineering tactics and ransomware deployments. WestJet '
                'detected the breach on June 13, while Hawaiian Airlines '
                'disclosed the incident in an SEC filing on June 17. American '
                'Airlines reported a separate technology issue on June 21, '
                'though it is unconfirmed if it was cyber-related.',
 'impact': {'operational_impact': 'Flights remained unaffected, but full scope '
                                  'of breaches under investigation'},
 'investigation_status': 'Ongoing',
 'motivation': ['financial gain', 'data exfiltration'],
 'references': [{'date_accessed': '2024-06-21', 'source': 'FBI Public Warning'},
                {'source': 'Google’s Mandiant'},
                {'source': 'Palo Alto Networks'},
                {'date_accessed': '2024-06-17',
                 'source': 'Hawaiian Airlines SEC Filing'}],
 'regulatory_compliance': {'regulatory_notifications': 'Hawaiian Airlines '
                                                       'disclosed incident in '
                                                       'SEC filing'},
 'response': {'law_enforcement_notified': 'FBI involved in mitigation efforts'},
 'threat_actor': 'Scattered Spider',
 'title': 'Scattered Spider Cyberattacks on North American Airlines',
 'type': ['ransomware', 'data breach']}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.