Russia’s largest airline, Aeroflot, has faced major flight cancellations for a second day after a cyberattack hit its IT systems. The attack, which began on July 27, 2025, led to over 100 flights being canceled, mostly at Moscow’s Sheremetyevo Airport.
On July 29, Aeroflot canceled 22 outbound and 31 inbound flights at Sheremetyevo Airport, including some operated with its subsidiary Rossiya Airlines. The day before, 59 round-trip flights were canceled out of 260 planned. By 10:00 a.m. Moscow time on July 29, Aeroflot reported that 93% of scheduled flights were running, showing some recovery. Most disruptions affected Moscow, while regional flights continued as usual.
The pro-Ukrainian hacking group Silent Crow, working with Belarusian activists Cyberpartisans BY, claimed responsibility. They said they spent a year inside Aeroflot’s systems, destroyed about 7,000 servers, and accessed up to 22 terabytes of data, including passenger and employee information. They threatened to leak personal data, but so far, no evidence of a leak has surfaced. The hackers said they took advantage of old IT systems and weak passwords, including one allegedly unchanged since 2022.
Aeroflot’s website was briefly down, and departure boards at Sheremetyevo Airport showed widespread delays and cancellations. The Russian Prosecutor General’s Office confirmed the cyberattack and started a criminal investigation. Lawmakers and officials called for accountability, not just for the hackers but also for those responsible for Aeroflot’s IT security. The Kremlin called the attack “worrying,” raising concerns about the safety of Russia’s critical infrastructure.
Aeroflot has struggled with operational challenges since 2022, when Western sanctions limited access to spare parts, maintenance, and insurance. The airline had to switch from foreign IT providers to Russian-made systems, spending about $11 million on digital security in 2024. Despite these efforts, the cyberattack exposed serious weaknesses.
For passengers, the main impact has been delays and cancellations, especially for flights to and from Moscow. Some international routes, like Minsk and Yerevan, were also affected. There is a potential risk of personal data exposure, though no confirmed leaks have been reported. Aeroflot says online and airport check-in services are working, but passengers should check flight status before traveling.
According to analysis by VisaVerge.com, this incident highlights the growing use of cyberattacks in international conflicts and the risks for travelers and airlines alike. Experts warn that outdated systems and weak regulations leave organizations open to similar threats.
Passengers needing help should:
– Check Aeroflot’s official website (www.aeroflot.ru) and social media for updates
– Contact customer service or airport information desks for real-time flight status
– Keep records of cancellations or delays for possible compensation
The Russian government is expected to review cybersecurity rules for state-owned companies. Silent Crow and allied groups have threatened more attacks, so ongoing risks remain. For official updates on aviation security, readers can visit the Russian Prosecutor General’s Office.
As Aeroflot works to restore normal operations, travelers and staff should stay alert for further developments and possible data security issues.
Learn Today
Cyberattack → An unauthorized attempt to access or damage a computer system or network causing operational disruption.
Sheremetyevo Airport → Moscow’s primary international airport, where most Aeroflot flight cancellations occurred due to the cyberattack.
Silent Crow → Pro-Ukrainian hacking group claiming responsibility for infiltrating Aeroflot’s IT systems for a year.
Data Leak → The unauthorized release or exposure of confidential information, such as passenger or employee data.
Digital Security → Measures and technologies to protect IT systems from unauthorized access and cyber threats.
This Article in a Nutshell
Aeroflot faces major disruptions after a cyberattack destroyed thousands of servers and canceled over 100 flights, mainly at Moscow’s airport, raising data security concerns.
— By VisaVerge.com
