Hawaiian Airlines on Thursday said its network systems have been taken out by a reported “cybersecurity event,” but that flights have not been impacted.
The US commercial carrier posted a notice on its website warning customers about an IT outage affecting its systems at 10:45 a.m. Pacific Standard Time (PST) on Thursday.
“Hawaiian Airlines is addressing a cybersecurity event that has affected some of our IT systems,” the Honolulu-based airline said in a statement sent to Cybernews.
The company said upon learning of the incident, it had “taken steps to safeguard our operations,” and had “engaged the appropriate authorities and experts to assist in our investigation and remediation efforts.”
Later on, the company updated its statement, reiterating that it “continues to safely operate our full flight schedule, and guest travel is not impacted.
The safety office of the Federal Aviation Administration (FAA) said it was in contact with the carrier and that it was “monitoring the situation.”
"There has been no impact on safety, and the airline continues to operate safely,” it said in a statement on Thursday.
Passenger data is always a target
“With international travel currently at its peak, the aviation industry is under immense pressure to deliver seamless service, and cybercriminals are exploiting that pressure,” said Dr. Darren Williams, Founder and CEO of ransomware prevention and Anti Data Exfiltration (ADX) firm BlackFog.
Williams explains that the airline sector is a treasure trove for cybercriminals, handling vast amounts of valuable passenger data.
With its main hub located in the state capital's Daniel K. Inouye International Airport (HNL) on the island of O‘ahu, Hawaiian Airlines serves more than 10 million passengers annually, according to its website.
“Increasingly, the primary goal of cyber attacks is often not just to access systems but to use sensitive or personal data as leverage for extortion attempts, or sold on the dark web for further criminal activity, such as phishing and identity fraud,” Williams says.
Cybernews has reached out to Hawaiian Airlines to ask about the safety of its passengers’ personal and financial information, a known target of hackers and specifically, ransomware attacks, but was referred back to the updated statement posted on its website.
The company did not specify which systems may have been impacted, but Cybernews can confirm that the airline’s website and mobile app were operating normally as of Thursday evening.
Tthe US carrier also posted on X that flights were “operating safely” and it would “share updates as available.”
“Our highest priority is the safety and security of our guests and employees,” it said.
Still, Williams points out that “with incidents like this one, highlighting how threat actors are actively and deliberately targeting airlines – operators must remain vigilant, investing in robust defences that safeguard customer data, protect operations, and customer trust.”
Hawaiian Airlines is addressing a cybersecurity event that has affected some of our IT systems. Our highest priority is the safety and security of our guests and employees. Flights are operating safely. We will share updates as available.
undefined Hawaiian Airlines (@HawaiianAir) June 26, 2025
Celebrating its 90th anniversary this year, the Hawaiian carrier flies well over 200 non-stop flights daily, servicing North America, Asia, and the South Pacific, as well as all of Hawaii’s eight major Islands.
In 2023, Hawaiian Airlines reported an annual revenue of $2.7 billion, according to Statista. The company, which has roughy 7,400 employees, announced it was joining forces with Alaska Airlines earlier this year.
Ransomware attacks on airlines happen
Cyberattacks targeting airlines and the aviation industry are not uncommon and have become more prevalant in recent years.
Last week, hackers breached Canadian airline WestJet, leading it to restrict access to its internal systems, although flights were operating without issues.
Last year, the Seattle-Tacoma International Airport was hit by the Rhysida ransomware gang in a massive cyberattack that lasted more than a month.
Air Canada was also claimed by the Bian Lian ransomware group that year, while global aviation leasing giant AerCap was also hit by ransomware in 2024, as well as Africa's Kenya Airways.
Previous victims in the aviation sector include Boeing by the LockBit gang, and Japan Aviation Electronics by the now-defunct ALPHV/BlackCat.
So far, no hacking group has come forward to claim responsiblity for the Hawaiian Airlines breach.
Your email address will not be published. Required fields are markedmarked