In a significant development in the ongoing battle against cybercrime, the FBI confirms hacker group behind Hawaiian Airlines attack, shedding light on a major security breach that disrupted airline operations earlier this year. The announcement, made public after an in-depth investigation, has raised concerns about the vulnerability of airline infrastructure and the growing threat posed by organized cybercriminals.
In March 2025, Hawaiian Airlines experienced a massive cyberattack that affected its booking system, customer support channels, and internal communications. Passengers reported flight delays, website outages, and difficulties in accessing their travel details. Initially classified as a technical outage, it was soon suspected to be a deliberate cyber intrusion.
After weeks of forensic analysis, the FBI has now confirmed that a well-known hacker group with international links was responsible for the cyberattack. According to the agency, the group had infiltrated the airline’s IT systems, potentially gaining access to sensitive customer and employee data.
The FBI confirms hacker group behind Hawaiian Airlines attack as being “Midnight Storm”, a notorious cybercriminal organization believed to be operating from Eastern Europe. This group has been linked to previous ransomware attacks targeting transportation, energy, and healthcare sectors.
The attackers reportedly used sophisticated phishing campaigns to breach Hawaiian Airlines' employee network, followed by the deployment of malware that disabled systems and encrypted critical files.
The FBI's Cyber Division, in collaboration with the Department of Homeland Security (DHS) and private cybersecurity firms, tracked down digital fingerprints left behind by the attackers. These included unique code signatures, IP addresses, and behavioral patterns consistent with the “Midnight Storm” group.
A spokesperson from the FBI stated:
“This attack reflects a rising trend in targeted ransomware operations, and we have strong evidence connecting it to known foreign cybercrime networks.”
The revelation that a hacker group was behind the attack has put other airlines on high alert. Industry experts warn that cyberattacks on airline infrastructure could have wider implications for national security and public safety.
Airlines worldwide are now urged to:
- Conduct regular security audits
- Train employees to recognize phishing attempts
- Invest in real-time threat detection systems
- Implement stricter access control measures