Hawaiian Airlines Cyberattack: IT Systems Compromised, Flight Operations Unaffected

Hawaiian Airlines, the tenth-largest commercial airline in the United States, confirmed a cybersecurity incident on June 26–27, 2025, disrupting access to some internal systems while maintaining normal flight operations. The airline emphasized that passenger travel and bookings remained unaffected, with no disruptions to its full flight schedule. The incident highlights the growing targeting of aviation infrastructure by cyber threats, though the airline has yet to disclose the scope of the breach or the identity of the attackers¹.

Incident Overview and Response

The cyberattack impacted Hawaiian Airlines’ IT systems, though critical flight operations, including reservations and departures, continued without interruption. The airline engaged cybersecurity experts and federal authorities to investigate the breach and restore affected systems. In a statement released on June 26, Hawaiian Airlines assured customers that steps had been taken to safeguard operations, noting that flights were operating safely and as scheduled². The incident aligns with a broader trend of cyberattacks targeting transportation sectors, as noted in recent reports by industry analysts³.

Technical Impact and Mitigation

While the airline has not disclosed specific technical details about the attack, the compromise of IT systems suggests potential vulnerabilities in backend infrastructure or third-party services. Hawaiian Airlines’ reliance on hub airports—Honolulu (HNL), Kahului (OGG), Kona (KOA), and Lihue (LIH)—for domestic operations underscores the importance of securing networked systems against disruptions. The airline’s prompt engagement with external experts indicates adherence to incident response protocols, though the lack of public details about data access or attacker methods leaves key questions unanswered¹.

Relevance to Security Professionals

For security teams, the incident serves as a case study in maintaining operational continuity during cyber disruptions. Key takeaways include the importance of isolating critical systems, monitoring for lateral movement, and validating third-party vendor security. Hawaiian Airlines’ ability to keep flights operational despite IT compromises suggests robust segmentation between administrative and operational technology (OT) networks—a best practice for critical infrastructure⁴.

Remediation and Future Considerations

Organizations in similar sectors should prioritize the following measures: (1) Conducting regular penetration tests on both IT and OT networks, (2) Implementing strict access controls for administrative systems, and (3) Developing incident response playbooks for cyber-physical systems. Hawaiian Airlines’ ongoing restoration efforts will likely include forensic analysis to identify attack vectors, which could inform future defenses for the aviation industry⁵.

Conclusion

The Hawaiian Airlines cyberattack underscores the resilience of well-segmented networks but also highlights persistent threats to critical infrastructure. As investigations continue, the aviation sector must balance transparency with security to mitigate risks without compromising sensitive details. Future updates may reveal whether this was a targeted attack or part of a broader campaign against transportation networks.