Sweden

February 14, 2023

A recent multi-hour outage of Scandinavian Airlines (SAS) website and mobile app was caused by a cyberattack. The cyberattack caused passenger data to become visible to other passengers. This data includes contact details, previous and upcoming flights, as well the last four digits of the credit card number.

May 24, 2023

The hacker group “Anonymous Sudan” has made an unexpected demand of $3 million from Scandinavian Airlines (SAS) in order to halt distributed denial-of-service attacks (DDoS) that have been targeting the airline’s websites since February. Despite initially presenting themselves as politically-motivated hacktivists, the group appears to be resorting to using extortion tactics for financial gain.

On Monday, 29 May, Anonymous Sudan shared a ransom note on its Telegram channel claiming that SAS and its services have been paralyzed for more than five days. The company has responded to user complaints on Facebook, acknowledging an issue with its website and assuring customers that SAS is “working to resolve it quickly.” SAS did not respond to The Record’s inquiries.

Meanwhile, Anonymous Sudan continues to escalate their demands, raising their initial price from $3,500 to a staggering $3 million. Anonymous Sudan first began targeting SAS in February, knocking its website offline and exposing some user data. Some customers who attempted to log in to the SAS mobile app were sent to others’ accounts and had access to their contact information and itineraries. The group blamed the burning of a Quran during demonstrations in January protests in Stockholm for motivating the attacks.

Anonymous Sudan followed up the incident with cyberattacks on Sweden’s national public television broadcaster, German airports, Danish hospitals, as well as Israeli banks, news websites, and, most recently, a missile warning system.