Hawaiian Airlines has confirmed it is investigating a major IT disruption caused by a “cybersecurity event” that took place on Thursday, June 20. While the airline has not disclosed specific details, the nature of the incident has raised widespread concern that it could be a ransomware attack targeting its internal systems.
The Honolulu-based carrier alerted customers to the situation at 10:45 a.m. PST via its website, noting that some of its IT infrastructure had been affected. However, despite the disruption, the airline emphasized that flight operations remain unaffected.
“Hawaiian Airlines is addressing a cybersecurity event that has affected some of our IT systems,” the company stated.
“We have taken steps to safeguard our operations and engaged the appropriate authorities and experts to assist in our investigation and remediation efforts.”
Passenger Flights Continue, No Immediate Safety Concerns
The Federal Aviation Administration (FAA) confirmed it is in communication with the airline and monitoring the situation. In its own statement, the FAA reassured the public:
“There has been no impact on safety, and the airline continues to operate safely.”
As of Thursday evening, Hawaiian Airlines’ main digital platforms, including its mobile app and website, remained functional. The company also posted on X (formerly Twitter) that its flights were “operating safely” and that updates would be shared as more information becomes available.
A High-Value Target in Aviation
With its primary hub at Daniel K. Inouye International Airport (HNL) in Honolulu, Hawaiian Airlines operates over 200 non-stop flights daily and serves more than 10 million passengers annually. The airline, celebrating its 90th anniversary this year, employs approximately 7,400 people and reported $2.7 billion in annual revenue for 2023.
Earlier this year, the airline announced plans to merge with Alaska Airlines, a move that would further expand its operational reach across the Pacific and North America.
Given its extensive customer base and critical role in inter-island and transpacific travel, Hawaiian Airlines presents a high-value target for ransomware gangs, which often seek both operational disruption and data theft.
Cyberattacks in Aviation Becoming Commonplace
The incident adds to a growing list of cyberattacks against the aviation industry, many of which have involved ransomware operations:
- WestJet (Canada) was recently hit, forcing internal systems offline.
- Seattle-Tacoma International Airport suffered a prolonged attack in 2023 by the Rhysida ransomware gang.
- Air Canada and global aircraft lessor AerCap were both targeted in separate attacks last year.
- Major breaches at Boeing (LockBit) and Japan Aviation Electronics (ALPHV/BlackCat) highlight the persistent focus of cybercriminals on aviation-related infrastructure.
Despite the high profile of this latest breach, no group has claimed responsibility for the Hawaiian Airlines incident as of now. In past attacks, gangs like LockBit, Rhysida, and Bian Lian have specifically targeted data such as personal information, loyalty records, and financial credentials—raising concerns about what systems may have been affected in this case.
Data Exposure and Business Continuity Are Top Concerns
As investigations continue, questions remain about whether any customer or employee data has been compromised. Cybernews reached out to the airline to inquire about data protection measures, but no further details have been shared.
Events like these not only disrupt operations but also challenge enterprise readiness for secure recovery in the aftermath of a breach. For airlines and other large organizations, having a resilient, offline-capable recovery system is critical in minimizing damage and restoring service.
Looking for a trusted recovery solution?
Defend your organization with StoneFly DR365—an air-gapped, immutable backup and recovery appliance trusted by enterprises to ensure zero data loss even in the event of complex cyberattacks.
