Incident: On July 28, 2025, Russia’s flag carrier Aeroflot reported a critical failure in its corporate IT systems, leading to the cancellation of over 40 flights at Moscow’s Sheremetyevo airport—affecting routes to Minsk, Yerevan, Kaliningrad, Grozny, Astrakhan and others MarketScreener+4The Kyiv Independent+4The Edge Malaysia+4.

  • Claims: A hacking group named Silent Crow, in collaboration with Belarusian activists Cyber Partisans BY, claimed they infiltrated Aeroflot over a year, gained full network access, and allegedly destroyed 7,000 servers, exfiltrating ~20 TB of data The Edge Malaysia+2The Kyiv Independent+2Reuters+2.

  • Threats: In their Telegram statement, the group warned they would soon release the personal data of all Russians who’ve ever flown with Aeroflot The Edge Malaysia+1Reuters+1.

  • Verification: Neither the airline nor independent sources have verified the scale of damage or data theft; Aeroflot simply confirmed service disruptions and said recovery efforts are underway sos-vo.org+7Reuters+7The Kyiv Independent+7.

🔍 Key Takeaways for Cybersecurity Pros

  • Insider-level persistence
    A year-long undetected foothold suggests severe shortcomings in perimeter monitoring, intrusion detection, and lateral movement defenses.

  • Destructive payloads
    Claims of server destruction reinforce the growing trend toward disruptive data wiper or ransomware-like tactics—increasing the need for immutable backups and incident response readiness.

  • Data exposure risk
    Threats to release passenger records highlight how attacks can quickly escalate from operational disruption to major privacy breaches and reputational crises.

  • Geopolitical motivations
    Operating in the context of the Russia–Ukraine conflict, the attackers invoke political slogans and activist messaging—emphasizing that geopolitically-motivated hacktivism remains a serious corporate risk.

  • Crisis communication lapses
    The lack of detailed acknowledgment from Aeroflot underscores the importance of transparent—and timely—incident updates both for customers and the broader ecosystem.

Follow us on X and Linkedin for the latest cybersecurity news

Source : hxxps://www.reuters[.]com/en/russias-aeroflot-suffers-it-failure-hackers-claim-responsibility-2025-07-28/