Aviationnews – On July 28, 2025, Russia’s flagship carrier Aeroflot suffered a severe IT collapse that grounded more than 100 flights, throwing travel plans into chaos. The cause? A cyberattack—allegedly orchestrated by pro‑Ukrainian hackers—that the airline says brought down critical parts of its information infrastructure.
Morning Mayhem at Sheremetyevo
Passengers at Moscow’s Sheremetyevo Airport woke up to red departure boards as nearly 49 round‑trip flights were abruptly canceled, affecting domestic routes including St. Petersburg, Kazan, Sochi—and international destinations like Minsk and Yerevan. At least eight more round‑trips were delayed, including flights to Tashkent.
In the chaotic rush, Aeroflot urged passengers to retrieve baggage and exit the terminal to avoid overcrowding, and offered refunds or rebooking within ten days—though ticket offices at the airport couldn’t process these in person due to the outage.
Who Was Behind It? Hacker Groups Take Credit
Two hacker collectives calling themselves Silent Crow and Cyber Partisans BY claimed responsibility. They declared that they had spent a year inside Aeroflot’s corporate network, eventually gaining full access. According to the hackers, they exfiltrated up to 20 terabytes of data and destroyed about 7,000 physical and virtual servers, claiming to have compromised systems from booking to executive emails.
Silent Crow’s statement included a defiant slogan: “Glory to Ukraine! Long live Belarus!” while urging that their attack served as a direct challenge to Russia’s security apparatus.
Official Response: Criminal Probe Launched
Russia’s Prosecutor‑General office formally opened a criminal investigation, confirming that the outage was caused by an unauthorized breach into Aeroflot’s IT systems. Kremlin officials called the incident “quite alarming”, emphasizing that cyber threats remain a serious risk to major infrastructure providers.
Fallout and What Comes Next
The attack not only disrupted services for Aeroflot but also affected its affiliates Rossiya and Pobeda, further expanding the travel havoc. With systems offline, the airline could not process refunds or rebookings at airport counters—though online and call‑center options remained active for most customers.
This breach marks a serious escalation in cyber warfare tactics. Observers warn that not only has data loss been extensive, but restoring IT operations could cost tens of millions of dollars, underscoring the strategic impact of cyber attacks on corporate infrastructure.
