Particle.news
Download on the App Store
5 ARTICLES
·
4h ago

Scattered Spider Targets Airlines and Transportation Networks

Security firms say Scattered Spider’s social engineering breaches have hit airlines this month.

A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin May 21, 2013. REUTERS/Pawel Kopczynski/Illustration/File Photo
A Hawaiian Airlines plane en route to Honolulu on March 15, 2025.

Overview

  • The hacking collective known as Scattered Spider has extended its sector-by-sector approach from retail and insurance to include airlines and transportation companies.
  • WestJet confirmed a June 12 breach in its Citrix environment after attackers used a self-service password reset to register unauthorized MFA credentials.
  • Hawaiian Airlines disclosed a cyberattack late this week that sources attribute to the same group behind the WestJet intrusion.
  • American Airlines is facing an IT outage with no public confirmation of a security compromise.
  • Cybersecurity experts from Mandiant and Palo Alto Networks urge organizations to harden help-desk identity checks and lock down self-service reset platforms against phishing and MFA-bombing tactics.