Hackers leak purported Aeroflot information as Russia denies breach

Hackers have leaked flight information allegedly belonging to the CEO of the Russian airline Aeroflot following a major cyberattack that grounded flights, as Moscow denies any information breach occurred.

Russia’s web watchdog Roskomnadzor said there was no affirmation that information had been leaked from Aeroflot after the corporate was hit by a large-scale cyber incident earlier this week that brought on mass flight disruptions.

“Details about a doable information leak from the corporate has not been confirmed,” the company instructed native media on Thursday, with out elaborating.

Shortly after the assertion, the Belarusian hacker group Cyber Partisans — which claimed duty for the assault — posted what it stated was journey information belonging to Aeroflot CEO Sergei Aleksandrovsky on Telegram. 

The information confirmed particulars of greater than 30 flights taken between April 2024 and June 2025. Investigative outlet The Insider reported that the passport quantity for Aleksandrovsky discovered within the leaked information matched one related to him that was seen in earlier information breaches. The authenticity of the leaked information has not been independently verified.

Cyber Partisans stated further information could be launched quickly. The group beforehand claimed it had exfiltrated the airline’s total flight historical past database, audio recordings of inner calls, and surveillance footage, together with worker monitoring information.

The assault compelled Aeroflot to cancel or delay greater than 100 flights on Monday — almost half of its each day operations — impacting roughly 20,000 passengers. The disruption, coupled with potential information loss and reputational harm, might value the airline as a lot as $50 million, based on estimates by Forbes Russia.

Whereas Aeroflot stated it had restored companies and resumed regular operations by Thursday, cybersecurity consultants warned full restoration of the airline’s IT infrastructure could take longer. Russian cybersecurity analyst Oleg Shakorov said the airline might additionally face authorized scrutiny if authorities conclude its cybersecurity measures have been insufficient.

Aeroflot has launched restricted details about the incident. The Cyber Partisans claimed they have been capable of breach the airline’s techniques as a result of workers used weak passwords, and the corporate relied on outdated variations of Home windows however these claims haven’t been independently verified.

The assault comes amid a broader wave of cyber disruptions throughout Russia. Two of the nation’s largest pharmacy chains have been hit this week, shutting down tons of of areas and halting funds and prescription companies. Different firms, together with grocery chain Vkusvill, low cost retailer Dobrotsen, supply platform Samokat, restaurant software program developer Iiko, and Russia’s state postal service, additionally reported outages, lots of which have been described as “technical failures.”

Learn more.