Persisting cyberattack at Seattle airport disrupts Labor Day weekend travels
Seattle-Tacoma International Airport Continues Recovery After Major Cyberattack
Seattle-Tacoma International Airport (SeaTac) is still recovering from a significant cyberattack that occurred in August 2024. The attack, perpetrated by the hacker group Rhysida, resulted in the theft of over 90,000 files of sensitive airport data and disrupted various operations at the airport for several days.
The nature of the attack involved data theft and disruption, leading to a three-day outage of internet, phone, and other critical systems at SeaTac. This incident highlighted vulnerabilities in airport IT infrastructure and was part of an increasing trend of cyberattacks targeting airports and airlines.
Despite the disruptions, the airport's security systems were not impacted, and screening measures remain intact. Airport staff have started turning on and testing systems for international and low-volume carriers, which have been the most heavily impacted by the outage. However, travelers are still encountering blank flight display screens and baggage display boards.
The investigation into the cyberattack is ongoing, and updates will be provided as they become available. The Port of Seattle's recovery efforts have been ongoing for almost a week since the cyberattack began disrupting services last Saturday.
In addition to the outage, various services for the Port of Seattle are offline, including the facilities' primary websites, phone, email, Wi-Fi, and common use check-in kiosks. The common use online assistance for carriers at Seattle-Tacoma International Airport is also inaccessible due to the ongoing outage.
Carriers are using manual, written boarding passes and luggage checks, which has caused longer lines for their customers. Travelers are advised to arrive early to allow for extra time during the check-in process.
Lance Lyttle, aviation managing director at the Port of Seattle, stated that most people will not notice a significant difference in their airport experience due to the outage. However, the airport is expecting over 500,000 passengers during the Labor Day weekend, and it remains to be seen how the ongoing outage will impact travel during this busy period.
The FBI has warned about a cybercriminal group named Scattered Spider, known for using social engineering tactics to gain access to IT systems. This group and similar actors have rapidly escalated their targeting of the airline sector, raising the overall threat level.
It is worth noting that a separate significant system-wide IT outage occurred at Alaska Airlines in July 2025, which grounded flights nationwide. However, this outage was not linked to a cyberattack or unauthorized activity, representing a distinct incident from the 2024 SeaTac cyberattack.
SeaTac continues to work with authorities on recovery and security enhancements to prevent future attacks and restore operations beyond the immediate incident period. The airport's commitment to restoring and securing operations is clear, and updates will be provided as they become available.
- In light of the ongoing cyberattack at Seattle-Tacoma International Airport, travelers are advised to prepare for potential delays and longer check-in times, as they may encounter issues with flight display screens and baggage display boards.
- The cyberattack, attributed to the hacker group Rhysida, has led to an increased focus on cybersecurity within the airline sector, with the FBI warning about the threat posed by groups like Scattered Spider, who use social engineering tactics to gain access to IT systems.
- As SeaTac continues its recovery from the cyberattack and works to enhance security measures, it is crucial for the general public and lifestyle enthusiasts to stay informed about technology news and cybersecurity updates to ensure their safety when traveling, especially during peak periods such as the upcoming Labor Day weekend.
