SpiceJet on Friday said none of its crew and employee credentials were compromised or leaked during the attempted ransomware attack earlier this week, even as the company informed the stock exchange that the attack on its IT systems has affected its audit process, necessitating a delay in the release of quarterly earnings.
The company has postponed its quarterly results and board meeting scheduled on May 30, and a revised date will be communicated later. There was speculation regarding a possible compromise of credentials during the attack.
According to a report by CloudSEK, a cyber-security start-up, the exposed PII (personally identifiable information), IP addresses, login and other confidential details could lead to compromised accounts and render systems vulnerable to future cybersecurity attacks and data leaks. “As per our initial investigation, there are no leaks of any of the above and there are no compromised accounts,” it said in response to Business Standard.
“There was no chatter on cybercrime forums or discussion channels regarding SpiceJet, credentials to several sub domains were available at different marketplaces which sell initial accesses,” the report by cybersecurity start-up said.
“In general, domains that we don’t own can always be used by any party. We don’t see how this has led to the conclusion that crew and employee credentials have been compromised as our initial investigation shows nothing of the sort,” the company said in response to a question on whether employee data was compromised.
According to media reports, the airline’s software that deals with operations and flight planning came under attack on Wednesday. Airlines use software to keep a record of hours flown by pilots. This helps them assign duties considering regulations on flying time. It is also used to maintain a record of the hours flown by each aircraft for maintenance purposes. Following the attack, several flights of the airline were delayed. The company said its IT systems are constantly being monitored to prevent any attacks. “We are investigating the root causes of the recent attempted attack which was contained due to the protections we already have in place. Based on our findings additional steps may be taken,” SpiceJet added.
According to Verizon’s 2022 Data Breach Investigations Report there has been an alarming rise in ransomware attacks, which rose 13 per cent in a year, which was greater than the past five years combined. “While the pandemic led to a rise in ransomware attacks, the inaction, or the delay in the implementation of technical and infrastructure changes in the new normal has made organisations more vulnerable,” said Anshuman Sharma, Head Investigative Response at Verizon.
SC likely to hear SpiceJet winding up case on Monday
SpiceJet informed the Supreme Court on Friday that it had reached a settlement with its Swiss creditor and requested it to list the matter on Monday against the Madras High Court’s order to wind up the airline company. The high court had ordered the airline company to wind up in December 2021 over non-payment of over $24 million dues to Credit Suisse. BS Reporter
To read the full story, Subscribe Now at just Rs 249 a month