These US airlines were targeted by cyber hackers this month

WestJet and Hawaiian Airlines have both been victims of cyberattacks recently.

The FBI singled out Scattered Spider in an alert Friday, in which the bureau said the group was “expanding its targeting to include the airline sector.”

Scattered Spider was linked to the hacking and extortion of Caesars Entertainment and MGM Resorts International in 2023, which led the former to pay a ransom of approximately $15 million.

Hackers were able to access a significant number of driver’s license numbers and possibly even Social Security numbers of the casino customers through the ransomware demand.

“These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access,” the FBI alert said.

“They target large corporations and their third-party IT providers, which means anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk,” the warning continued. “Once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware.”

The chief technology officer of Google’s cloud security company, Mandiant, warned the industry to “take steps immediately to harden systems.”

WestJet said it had made “significant progress” to resolve a hack it suffered earlier this month.

Hawaiian Airlines told the Securities and Exchange Commission it discovered its hack on Monday.

“On June 23, 2025, Hawaiian Airlines, an Alaska Air Group, Inc. subsidiary, identified a cybersecurity incident affecting certain information technology systems,” the company said in a filing. “Upon learning of this event, we immediately took steps to safeguard Hawaiian’s operations and systems. Flights are currently operating safely and as scheduled.”

The Federal Aviation Administration told Reuters it was in contact with Hawaiian Airlines. “There has been no impact on safety, and the airline continues to operate safely. We are monitoring the situation,” the agency said.