Scandinavian Airlines (SAS) was hit with a cyberattack on Wednesday, rendering its app and website inoperable for nearly a full day. A group known as Anonymous Sudan reportedly first demanded $3,500 from the carrier before upping its demands to $175,000.

No service

This isn't the first time SAS has faced an IT breach. In February, the same group, Anonymous Sudan, leaked customer data and caused havoc as passengers were logged into others' accounts instead of their own. According to Cyber News, this hacking collective is targeting SAS again, and on May 24th, they shut down the app and website for over 22 hours.

Users on Twitter began noticing issues at around 12:30 BST, noting that they could not log into their accounts or even open the app and website. This quickly led to a flurry of queries as passengers were unable to check-in or print their boarding passes, forcing them to go to the airport and manually check-in. The carrier responded to the outage online by saying,

However, it was later revealed that the issue pertained to a cyberattack and not a regular IT issue.

Get the latest aviation news straight to your inbox: Sign up for our newsletters today!

Ransom demanded

As has become common with large organizations globally, especially airlines, the hackers promptly demanded a ransom to restore access to the SAS services. After initially demanding just $3,500, the group upped its demand to $175,000. Despite insurance for cyberattacks, it's unclear if the airline paid the ransom or managed to restore access by other means. At the time of writing, flysas.com and all its affiliated URLs are back online after being down for almost a full day.

Cyber News notes that Anonymous Sudan routinely employs Distributed Denial-of-Service (DDoS) attacks to cause servers to overload and shut down temporarily. Given their global sources of traffic and high demand around the clock, airlines are vulnerable, explaining why we see so many airlines suffer.

SAS Boeing 737
Photo: Robert Buchel/Shutterstock

In February, SAS was targeted in a larger attack that saw passengers being able to access each other's personal data, including names, addresses, last four digits of saved credit cards, and flight history. The airline said it was investigating the issue and created a team to deal with the matter. Now, three months later, it faced a different cyberattack and found itself offline for a day.

Simple Flying has contacted SAS and will update this article with a statement once available.

Not alone

In the past year, TAP Air Portugal, American Airlines, airports in Germany and the US, and dozens of others have been targeted by hackers. The industry is working hard to fortify data, but as we go digital, risks remain.

Were you affected by the SAS IT issues? Let us know in the comments.

  • SAS A350
    SAS
    IATA/ICAO Code:
    SK/SAS
    Airline Type:
    Full Service Carrier
    Hub(s):
    Copenhagen Airport, Oslo Gardermoen Airport, Stockholm Arlanda Airport
    Year Founded:
    1946
    Alliance:
    Star Alliance
    Airline Group:
    SAS Group
    CEO:
    Anko van der Werff