Hawaiian Airlines disclosed a cybersecurity event affecting some of its IT systems on June 26, sparking concerns across the industry. Despite the breach, the airline emphasized that flight operations remained unaffected, and the Federal Aviation Administration confirmed there was no safety impact.
Hawaiian identified a “cybersecurity event” on June 23, first notifying the public early on June 26 via its newsroom.
The airline did not specify which IT systems were targeted, though third-party reporting suggests reservation, check-in, and backend tools may have been affected.
No ransomware group has claimed responsibility, and there have been no confirmed ransom demands or data breaches.
Despite the disruption, Hawaiian affirmed that “flights are operating safely and as scheduled,” and brought in cybersecurity experts and federal authorities to manage the incident.
The FAA’s safety office affirmed it’s in active contact with Hawaiian and there is no impact on flight safety. Monitoring continues as investigators work to contain and resolve the situation.
Cybersecurity experts note that airlines are increasingly being targeted due to their reliance on interconnected systems storing sensitive passenger data. Google’s Mandiant, for example, suggests the attack bears hallmarks of the notorious Scattered Spider gang—though no definitive attribution has been made.
This incident follows similar cyberattacks in recent months—including those affecting WestJet and Japan Airlines—and underscores a systemic vulnerability in aviation’s digital infrastructure.
Hawaiian’s cybersecurity event also drew attention on financial markets. Alaska Air Group (parent company of Hawaiian) saw shares dip slightly following news of the incident, though broader upward trends attributed to travel recovery persisted.
Ensure critical systems (booking, check-in, loyalty) are fully reinstated. Forensics underway—CISA, FBI, Mandiant-like firms assisting in attribution. FAA and CISA to determine compliance or mitigation steps. Strengthen MFA, patch legacy systems, and consolidate redundancies.
Dr. Darren Williams, CEO of BlackFog, warns that airlines must elevate defenses beyond basic protections:
“The primary goal of cyber attacks is often not just to access systems but to use sensitive or personal data as leverage for extortion… operators must remain vigilant”.
Though Hawaiian Airlines has contained the incident without disrupting flights, the episode serves as a stark reminder: one weak link in IT systems can potentially cripple core airline operations. The coming weeks will be pivotal—bringing scrutiny from regulators, deep technical audits, and attention to whether sufficient resilience is being built across the aviation industry.
