Aeroflot, Russia’s largest airline, has been hit by a severe cyberattack that destroyed more than 7,000 servers and crippled its operations, disrupting travel for up to 200,000 daily passengers at the height of the summer season. The incident was first detailed on X by Ukrainian-American commentator Igor Sushko, citing claims from hacking groups Silent Crow and the Belarusian Cyber-Partisans, who said they stole over 20 terabytes of data, including passenger records and corporate mail.
Russia’s Prosecutor General’s Office confirmed that a “hacker attack” caused widespread disruption and announced a criminal investigation under national cybersecurity laws. Kremlin spokesperson Dmitry Peskov called the reports “quite alarming” and warned of the threat to critical infrastructure. Aeroflot itself acknowledged a “failure in the information system” that led to more than 100 flight cancellations and delays on July 28, noting efforts were underway to stabilize systems and assist customers.
The attackers claim to have wiped Aeroflot’s CREW, SharePoint, and ERP platforms, leaving the airline unable to manage crew assignments, reservations, or internal communications. Silent Crow and the Cyber-Partisans have previously coordinated actions targeting Russian and Belarusian infrastructure, with the latter known for opposing President Alexander Lukashenko’s regime since 2020. Cybersecurity experts told outlets such as Reuters and the BBC that this operation appears politically motivated, rather than financially driven.
Despite claims by the hackers, a spokesperson from Sabre confirmed “that Aeroflot does NOT run on Sabre. “We are not associated with this issue.“
- 7,000 servers reportedly destroyed, 20 TB of data stolen
- Russian Prosecutor General’s Office confirmed a “hacker attack” and launched probe
- Over 100 flights canceled or delayed; major disruption at Sheremetyevo Airport
- Critical systems offline: CREW, Sabre, SharePoint, ERP
- Attack claimed by Silent Crow and Belarusian Cyber-Partisans, amplified by Igor Sushko on X
“Aeroflot is working tirelessly to restore service to our passengers and stabilize our operations,” the airline said in a statement.
🌐 Why it Matters: The Aeroflot breach underscores how hacktivist groups are escalating digital conflict by targeting high-value infrastructure. With airlines dependent on complex IT ecosystems, attacks of this scale pose both national security risks and global aviation concerns, pushing cybersecurity resilience into the spotlight for critical transport operators.
🌐 An earlier posting of this article, incorrectly linked Aeroflot and Sabre.