Sunday, May 29, 2022

SpiceJet postpones March quarter results after ransomware attack

Chennai: SpiceJet on Friday said none of its crew and employee credentials were compromised or leaked during the attempted ransomware attack earlier this week, even as the company informed the stock exchange that the attack on its IT systems has affected its audit process, necessitating a delay in the release of quarterly earnings.

The company has postponed its quarterly results and board meeting scheduled on May 30, and a revised date will be communicated later. There was speculation regarding a possible compromise of credentials during the attack.

According to a report by CloudSEK, a cyber-security start-up, the exposed PII (personally identifiable information), IP addresses, login and other confidential details could lead to compromised accounts and render systems vulnerable to future cybersecurity attacks and data leaks. “As per our initial investigation, there are no leaks of any of the above and there are no compromised accounts,” it said in response to Business Standard.

“There was no chatter on cybercrime forums or discussion channels regarding SpiceJet, credentials to several sub domains were available at different marketplaces which sell initial accesses,” the report by cybersecurity start-up said.

“In general, domains that we don’t own can always be used by any party. We don’t see how this has led to the conclusion that crew and employee credentials have been compromised as our initial investigation shows nothing of the sort,” the company said in response to a question on whether employee data was compromised.

According to media reports, the airline’s software that deals with operations and flight planning came under attack on Wednesday. Airlines use software to keep a record of hours flown by pilots. This helps them assign duties considering regulations on flying time. It is also used to maintain a record of the hours flown by each aircraft for maintenance purposes. Following the attack, several flights of the airline were delayed. The company said its IT systems are constantly being monitored to prevent any attacks. “We are investigating the root causes of the recent attempted attack which was contained due to the protections we already have in place. Based on our findings additional steps may be taken,” SpiceJet added.

28/05/22 Shine Jacob/Business Standard

To Read the News in full at Source, Click the Headline


Post a Comment