News

Scandinavian Airlines SAS hit by cyberattack, passenger data exposed

Scandinavian Airlines (SAS) has blamed a cyberattack for a recent multi-hour outage of its website and mobile app, which also resulted in the leak of user data.

The company issued a statement on its website stating that it is presently investigating the event.

According to the firm, the intrusion exposed contact information, prior and forthcoming flights, as well as the last four digits of the affected passengers’ credit card numbers.

SAS is the flagship carrier for Sweden, Denmark, and Norway, and it runs a fleet of 131 aircraft that serves 168 locations.

SAS claims that the risk of exposing financial information is low since only partial data was exposed, which cannot be readily abused.

Additionally, the company has clarified that passport details have not been compromised.

SAS has informed passengers who are worried about the spread of their credit card information that just the last four digits of the credit card number were accessible during the incident.

“There has been no risk that this information could be exploited. No passport details have been shared and no EuroBonus points should be affected,” SAS said.

“Attacks like this often come in batches and more attacks are likely to come in the near future. However, this should not impact any passenger data.”

“We always cooperate with the national CAA (Civil Aviation Agency), police, and security police when security matters are concerned – irrespective of the issue in question. We are monitoring the situation closely and continue the work to analyze and evaluate the attack and related consequences, as well as take preventive measures.”

According to TheRecord, a group of so-called hacktivists called ‘Anonymous Sudan’ claimed responsibility for the attack on SAS, and posted a statement about it on their Telegram channel.

The threat actors stated that they carried out the attack on SAS in response to an event that occurred on January 21, 2023, where a far-right nationalist group burned a copy of the Holy Quran in front of the Turkish embassy in Stockholm, Sweden, in protest of Turkey’s objections to Sweden’s NATO membership bid.

In addition to the cyberattack on SAS, Sweden’s national public television broadcaster, SVT, was temporarily taken offline earlier this week due to a cyberattack. Several other companies, universities, and telecom operators in Sweden were also targeted in similar cyberattacks.

The pro-Russian hacking group UserSec has claimed on Telegram that they are providing assistance to ‘Anonymous Sudan’ in their attacks on Sweden’s airports.