Indian budget airline SpiceJet on Wednesday attributed delayed flights to a ransomware attack.
SpiceJet said the attack was quickly contained and rectified with flights again operating normally.
The company later was forced to clarify that its definition of “normally” meant flights delayed by ransomware had a cascading effect on its schedule, so while it whacked the ransomware passengers could still expect disruptions.
#Update: Certain SpiceJet systems faced an attempted ransomware attack last night that has impacted our flight operations. While our IT team has to a large extent contained and rectified the situation, this has had a cascading effect on our flights leading to delays. >>
— SpiceJet (@flyspicejet) May 25, 2022
Some passengers, including high-profile ones like president of India’s ruling Bharatiya Janata Party, Rajasthan Satish Poonia, took to Twitter to complain about the delay and lack of communication from the airline.
One passenger complained of sitting on a stationary aircraft for three hours and 45 minutes.
SpiceJet is the second largest airline in India measured by domestic passengers, and in pre-COVID 2019 claimed 13.6 percent market share.
The carrier has not discussed what variety of ransomware it experienced, the systems it impacted, and whether it paid the ransom or was able to swiftly restore systems. Whatever SpiceJet did to defeat ransomware, it fixed the problem at jet speed – operations resumed within hours rather than stretching into days as happened when Colonial Pipeline was infected.
The incident is SpiceJet’s second tech mess in as many weeks, after it was last week denied departures from Delhi because the company was not up to date with payments to the Airports Authority of India (AAI).
The airline attributed the nonpayment to “a technical glitch in SAP”, according to The Times of India.
In 2020, a US security researcher reportedly gained access to one of SpiceJet’s systems by brute-forcing their way into the system thanks to an easily guessable password. That effort yielded an unencrypted database backup file containing private information of more than 1.2 million passengers.
SpiceJet is not alone among airlines when it comes to being slowed down by ransomware. Bangkok Airways suffered a LockBit attack in August 2021, resulting in over 100GB of data being disclosed when the airline chose not to pay the ransom. ®