Aeroflot - Russian Airlines Company Cyber Security Posture
aeroflot.ruAeroflot is Russiaโs de facto National carrier and largest Airline. Founded on March 17, 1923, Aeroflot is among the worldโs oldest airlines and one of Russiaโs most recognised brands. Aeroflot was the first Russian airline company to join the International Air Transport Association (IATA) in 1989. In 2013, Aeroflot carried 20.9 million passengers (18.4 percent up on 2012), 60.2 billion passenger-kilometres were flown (19.2 % increase), the load factor constituted 78.8%. The total of 31.4 million passengers flew with companies of Aeroflot Group in 2013 (+14.3%). Aeroflot under the Winter schedule of 2014, operates flights to 122 destinations in 53 countries (39 destinations in Russia). As part of its commitment to safety, Aeroflot operates the largest Centre of Flight Control (CFC) in Eastern Europe. The company also set up an up-to-date Emergency Operations Centre based on modern technologies. Aeroflot's Hub Control Centre has been put into operation in Sheremetyevo with the purpose to coordinate transfer connection processes and oversee the flight control at the airport. Aeroflot's Ecological Management and Control System incorporates up-to-date technologies and standards. The company has adopted Energy and Ecological Efficiency Program which is in full compliance with IATA's ecological strategy. The airline pays a special attention to its presence in the Russian market, especially Siberia and the Far East. Aeroflot places emphasis on constantly enhancing the quality of its products and services as well as on expanding its range. Aeroflot is committed to deploying the most effective information technologies to increase service quality and economic efficiency and relies on modern systems to power its Internet bookings. The company offers its passengers the most advanced self-service check-in options and in-flight amenities, including widening mobile phone and Internet access.
A-RA Company Details
aeroflot---russian-airlines
2280 employees
20633.0
481
Airlines and Aviation
aeroflot.ru
Scan still pending
AER_2931332
In-progress
A-RA Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
A-RA Global Score.png)
Aeroflot - Russian Airlines Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
Aeroflot - Russian Airlines Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| Aeroflot | Cyber Attack | 100 | 5 | 7/2025 | AER749072825 | Link | |
Rankiteo Explanation : Attack threatening the organization's existenceDescription: Aeroflot, Russia's largest airline and national carrier, suffered a cyberattack that caused widespread flight delays and cancellations. Over 50 flights were canceled, including popular domestic routes. The attack, claimed by pro-Ukrainian hacker groups Silent Crow and Belarusian Cyber-Partisans, compromised Aeroflot's IT infrastructure, leading to significant financial damage. The disruption impacted the airline's subsidiaries and caused long lines and delays at Russian airports. | |||||||
| Aeroflot | Cyber Attack | 100 | 8/2025 | AER833080125 | Link | ||
Rankiteo Explanation : Attack threatening the organizationโs existenceDescription: The cyberattack on Aeroflot grounded flights, causing the cancellation or delay of over 100 flights and impacting roughly 20,000 passengers. The disruption resulted in potential data loss and reputational damage, with an estimated cost of $50 million. The hacker group Cyber Partisans claimed responsibility, leaking flight records belonging to the CEO and threatening to release more data. The attack exposed vulnerabilities in the airline's IT infrastructure, including weak passwords and outdated software. | |||||||
Aeroflot - Russian Airlines Company Subsidiaries
Aeroflot is Russiaโs de facto National carrier and largest Airline. Founded on March 17, 1923, Aeroflot is among the worldโs oldest airlines and one of Russiaโs most recognised brands. Aeroflot was the first Russian airline company to join the International Air Transport Association (IATA) in 1989. In 2013, Aeroflot carried 20.9 million passengers (18.4 percent up on 2012), 60.2 billion passenger-kilometres were flown (19.2 % increase), the load factor constituted 78.8%. The total of 31.4 million passengers flew with companies of Aeroflot Group in 2013 (+14.3%). Aeroflot under the Winter schedule of 2014, operates flights to 122 destinations in 53 countries (39 destinations in Russia). As part of its commitment to safety, Aeroflot operates the largest Centre of Flight Control (CFC) in Eastern Europe. The company also set up an up-to-date Emergency Operations Centre based on modern technologies. Aeroflot's Hub Control Centre has been put into operation in Sheremetyevo with the purpose to coordinate transfer connection processes and oversee the flight control at the airport. Aeroflot's Ecological Management and Control System incorporates up-to-date technologies and standards. The company has adopted Energy and Ecological Efficiency Program which is in full compliance with IATA's ecological strategy. The airline pays a special attention to its presence in the Russian market, especially Siberia and the Far East. Aeroflot places emphasis on constantly enhancing the quality of its products and services as well as on expanding its range. Aeroflot is committed to deploying the most effective information technologies to increase service quality and economic efficiency and relies on modern systems to power its Internet bookings. The company offers its passengers the most advanced self-service check-in options and in-flight amenities, including widening mobile phone and Internet access.
Access Data Using Our API
Get company history
Rapid.png)
A-RA Cyber Security News
Russia's Aeroflot suffers IT failure, hackers claim responsibility
Russian airline Aeroflot cancelled dozens of flights on Monday after what it called a failure in its information systems, and a shadowyย ...
Russia State Owned Aeroflot Adds with Hawaiian Airlines, Qantas, WestJet in Facing Severe Cybersecurity Threat, New Update on This for You
Aeroflot, Qantas, WestJet, and Hawaiian Airlines are just the latest examples of how increasingly sophisticated cyber threats are changing theย ...
Russiaโs Aeroflot cancels dozens of flights after cyber attack
Russian state-owned airline Aeroflot was forced to cancel dozens of flights on Monday, after a hacking group claimed credit for aย ...
Hackers Allegedly Destroyed Aeroflot Airlines' IT Infrastructure in Year-Long Attack
The attackers claim they penetrated the airline's network in mid-2024 through targeted phishing and zero-day exploits, slowly escalatingย ...
Who hacked Russiaโs Aeroflot servers, grounding flights and causing mayhem - did a US-backed group sabotag
A pro-Ukraine hacker group called Silent Crow claimed responsibility, saying they breached Aeroflot's systems for a year, accessing andย ...
Russiaโs Aeroflot cancels flights after pro-Ukraine hackers claim cyber-attack | Airline industry
More than 50 flights axed and 10 delayed as Silent Crow hacking group apparently claims responsibility.
Aeroflot Cancels Dozens of Flights After Computer Systems Hacked
Aeroflot said at least 50 flights into and out of Moscow's Sheremetyevo airport were canceled and others delayed due to a failure in its ITย ...
Cyberattack on Aeroflot causing mass flight disruptions, Russia says
Russian authorities confirmed on Monday that Aeroflot, the country's largest airline and national carrier, has been hit with a cyberattackย ...
Who is Silent Crow? Pro-Ukraine hackers take down Russian airline Aeroflot
Pro-Ukraine hackers take down Russian airline Aeroflot. Latest cyber attack is part of a series of incidents targeting key Russian targets.
A-RA Similar Companies
Delta Air Lines
Delta Air Lines (NYSE: DAL) is the U.S. global airline leader in safety, innovation, reliability and customer experience. Powered by our employees around the world, Delta has for a decade led the airline industry in operational excellence while maintaining our reputation for award-winning customer s
SAUDI AIRLINES
At Saudia Group, we're on a mission to inspire people to go beyond borders. Our purpose is rooted in unlocking human potential and connecting the world in ways never thought possible. We are committed to reshaping the aviation ecosystem in our region and beyond, by embracing innovation and a custome
Turkish Airlines
Turkish Airlines has soared to new heights since its first flight in 1933, becoming the airline that connects more countries than any other. Our commitment to excellence is reflected in the world-class service, comfort, and innovative travel experience we offer, designed to elevate every journey.
Menzies Aviation
At more than 200 airport locations across 6 continents, we offer landside and airside services tailored to our customersโ needs; timed to their schedules; and delivered by teams with the knowledge, tools and passion to set standards rather than chase them. Our core services include; Ground Handling
SpiceJet Limited
Through LinkedIn, we endeavor to connect with our flyers, exchange ideas, and announce new routes, products, and services, advertise for open positions, and continually evolve our services to better match customer needs. We encourage constructive discussion and feedback, however please note that thi
Thai Airways International
Thai Airways International Public Company Limited (THAI) is a public company registered in The Securities Exchange of Thailand since 1991 with the Ministry of Finance as a dominant shareholder of 47.86 percent. THAI operates the airlines business as a full service carrier, which provides the transp
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
A-RA CyberSecurity History Information
How many cyber incidents has A-RA faced?
Total Incidents: According to Rankiteo, A-RA has faced 2 incidents in the past.
What types of cybersecurity incidents have occurred at A-RA?
Incident Types: The types of cybersecurity incidents that have occurred incidents Cyber Attack.
What was the total financial impact of these incidents on A-RA?
Total Financial Loss: The total financial loss from these incidents is estimated to be $50 million.
How does A-RA detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through recovery measures with Restored services and resumed normal operations and communication strategy with Limited information released and law enforcement notified with Yes.
Incident Details
Can you provide details on each incident?
Incident : Data Breach, Ransomware
Title: Cyberattack on Aeroflot
Description: Hackers have leaked flight records allegedly belonging to the CEO of the Russian airline Aeroflot following a major cyberattack that grounded flights.
Date Detected: Monday
Date Publicly Disclosed: Thursday
Date Resolved: Thursday
Type: Data Breach, Ransomware
Attack Vector: Weak Passwords, Outdated Software
Vulnerability Exploited: Weak Passwords, Outdated versions of Windows
Threat Actor: Belarusian hacker group Cyber Partisans
Motivation: Unknown
Incident : Cyberattack
Title: Cyberattack on Aeroflot
Description: Aeroflot, Russiaโs largest airline, suffered a cyberattack causing widespread flight delays and cancellations. The attack was claimed by pro-Ukrainian hacker group Silent Crow and the Belarusian Cyber-Partisans.
Date Detected: 2023-10-02
Date Publicly Disclosed: 2023-10-02
Type: Cyberattack
Attack Vector: Unspecified
Threat Actor: Silent Crow, Belarusian Cyber-Partisans
Motivation: Political and financial disruption
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
How does the company identify the attack vectors used in incidents?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Weak Passwords and Outdated Software.
Impact of the Incidents
What was the impact of each incident?
Incident : Data Breach, Ransomware AER833080125
Financial Loss: $50 million
Data Compromised: Flight records of the CEO, Entire flight history database, Audio recordings of internal calls, Surveillance footage, Employee monitoring data
Systems Affected: IT infrastructure
Downtime: More than 100 flights canceled or delayed
Operational Impact: Nearly half of daily operations affected
Revenue Loss: $50 million
Brand Reputation Impact: Significant
Legal Liabilities: Possible legal scrutiny if cybersecurity measures deemed inadequate
Incident : Cyberattack AER749072825
Data Compromised: flight history, audio recordings of internal calls, surveillance data, staff monitoring systems
Systems Affected: IT infrastructure
Downtime: Ongoing
Operational Impact: Widespread flight delays and cancellations
Revenue Loss: Stock dropped 4%
What is the average financial loss per incident?
Average Financial Loss: The average financial loss per incident is $25.00 million.
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Flight records, Surveillance footage, Audio recordings, Employee monitoring data, flight history, audio recordings of internal calls, surveillance data and staff monitoring systems.
Which entities were affected by each incident?
Incident : Data Breach, Ransomware AER833080125
Entity Type: Airline
Industry: Aviation
Location: Russia
Size: Large
Customers Affected: 20,000 passengers
Incident : Cyberattack AER749072825
Entity Type: Airline
Industry: Aviation
Location: Russia
Size: Large
Response to the Incidents
What measures were taken in response to each incident?
Incident : Data Breach, Ransomware AER833080125
Recovery Measures: Restored services and resumed normal operations
Communication Strategy: Limited information released
Incident : Cyberattack AER749072825
Law Enforcement Notified: Yes
Data Breach Information
What type of data was compromised in each breach?
Incident : Data Breach, Ransomware AER833080125
Type of Data Compromised: Flight records, Surveillance footage, Audio recordings, Employee monitoring data
Sensitivity of Data: High
Data Exfiltration: Yes
Personally Identifiable Information: Passport number
Incident : Cyberattack AER749072825
Type of Data Compromised: flight history, audio recordings of internal calls, surveillance data, staff monitoring systems
Data Exfiltration: Yes
Ransomware Information
Was ransomware involved in any of the incidents?
Incident : Data Breach, Ransomware AER833080125
Data Exfiltration: Yes
How does the company recover data encrypted by ransomware?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through Restored services and resumed normal operations.
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident?
Incident : Cyberattack AER749072825
Legal Actions: Criminal case opened
How does the company ensure compliance with regulatory requirements?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Criminal case opened.
References
Where can I find more information about each incident?
Where can stakeholders find additional resources on cybersecurity best practices?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: RoskomnadzorDate Accessed: Thursday, and Source: Cyber PartisansDate Accessed: Thursday, and Source: The InsiderDate Accessed: Thursday, and Source: Russian authoritiesDate Accessed: 2023-10-02.
Investigation Status
What is the current status of the investigation for each incident?
Incident : Data Breach, Ransomware AER833080125
Investigation Status: Ongoing
Incident : Cyberattack AER749072825
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through was Limited information released.
Initial Access Broker
How did the initial access broker gain entry for each incident?
Incident : Data Breach, Ransomware AER833080125
Entry Point: Weak Passwords, Outdated Software
High Value Targets: Aeroflot CEO
Data Sold on Dark Web: Aeroflot CEO
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident?
Incident : Data Breach, Ransomware AER833080125
Root Causes: Weak Passwords, Outdated versions of Windows
Additional Questions
General Information
Who was the attacking group in the last incident?
Last Attacking Group: The attacking group in the last incident were an Belarusian hacker group Cyber Partisans, Silent Crow and Belarusian Cyber-Partisans.
Incident Details
What was the most recent incident detected?
Most Recent Incident Detected: The most recent incident detected was on Monday.
What was the most recent incident publicly disclosed?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on Thursday.
What was the most recent incident resolved?
Most Recent Incident Resolved: The most recent incident resolved was on Thursday.
Impact of the Incidents
What was the highest financial loss from an incident?
Highest Financial Loss: The highest financial loss from an incident was $50 million.
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were Flight records of the CEO, Entire flight history database, Audio recordings of internal calls, Surveillance footage, Employee monitoring data, flight history, audio recordings of internal calls, surveillance data and staff monitoring systems.
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident was IT infrastructure and IT infrastructure.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Flight records of the CEO, Entire flight history database, Audio recordings of internal calls, Surveillance footage, Employee monitoring data, flight history, audio recordings of internal calls, surveillance data and staff monitoring systems.
Regulatory Compliance
What was the most significant legal action taken for a regulatory violation?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Criminal case opened.
References
What is the most recent source of information about an incident?
Most Recent Source: The most recent source of information about an incident are Roskomnadzor, Cyber Partisans, The Insider and Russian authorities.
Investigation Status
What is the current status of the most recent investigation?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Initial Access Broker
What was the most recent entry point used by an initial access broker?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an Weak Passwords and Outdated Software.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
