2 min read

Scandinavian Airlines website hit by cyber attack, customer details exposed


February 16, 2023

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Scandinavian Airlines website hit by cyber attack, customer details exposed

A group calling itself "Anonymous Sudan" has claimed responsibility for a cyber attack which knocked the website of Scandinavian Airlines (SAS) offline earlier this week, and left customer data exposed.

In a statement published on its corporate website, the airline explained that it and "several other companies" had been targeted in an attack that left its website and smartphone app down for some hours.

During the attack, some travellers who attempted to log into their SAS accounts discovered that they had access to the personal information of other customers, including their names, dates of birth, postal address, email address, and details of previous and upcoming flights.

In addition, the last four digits of customers' credit card numbers were visible.

SAS's initial response was to warn customers not to use the app until the problem was fixed - which was probably unlikely to reassure members of the public who were concerned that their personal details might have fallen into the hands of complete strangers.

Equally unlikely to calm concerned passengers was SAS's statement that "attacks like this often come in batches and more attacks are likely to come in the near future."

"However," said the firm, "this should not impact any passenger data."

The attack comes amid a wave of similar cyber assaults on Swedish organisations, under the banner of "Anonymous Sudan".  Sweden's healthcare sector, for instance, was hit by a number of similar attacks in recent days which overloaded systems with distributed denial-of-service (DDoS) attacks.

Messages on Anonymous Sudan's Telegram channel have claimed that its attacks are retaliation for anti-Islamic demonstrations in Sweden.

Sure enough, on Valentine's day, a cyberattack successfully took Sweden's national TV broadcaster SVT off-air temporarily.

Although the hacking group has chosen to use the name "Anonymous Sudan," some commentators have pointed out that it is very possible that the perpetrators of the attacks do not actual hail from Sudan, but may instead be part of a Russian campaign.

SAS says it has informed law enforcement agencies and the Civil Aviation Agency (CAA) about the security incident.




Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.

View all posts

You might also like