Cyberattack on Aeroflot: Hackers Unveil CEOs Flight Details Amid Denials

Ukrainian and Belarusian hackers, who took credit for a significant cyberattack on Aeroflot, announced on Friday that they had released the flight records of the Russian airline’s CEO, despite official statements denying any data breaches.

The cyber operations were reportedly conducted by the Ukrainian group Silent Crow and the Belarusian group Cyber Partisans, which resulted in the grounding of numerous Aeroflot flights from Monday to Tuesday.

Aeroflot and the Russian Ministry of Transportation attributed the incident to an «IT failure,» while federal investigators have initiated a criminal inquiry into the suspected cyberattack.

On Thursday, Roskomnadzor, the Russian state media regulator, told journalists that it had received “no confirmation” regarding any data breaches.

In retaliation, Cyber Partisans shared a screenshot that seemingly displayed the flight activity of Aeroflot’s CEO, Sergei Alexandrovsky, for the period between April 2024 and June 2025. This image, which obscured parts of his name and passport number, also revealed his date of birth and travel routes, including domestic flights from Moscow to St. Petersburg, Krasnoyarsk, and Novosibirsk.

The authenticity of this data could not be independently verified by The Moscow Times.

“Expect more Aeroflot data leaks soon,” Cyber Partisans stated on Telegram.

The hackers claimed to have infiltrated flight history databases, taken control of employees’ computers, compromised corporate infrastructures, and extracted information from surveillance and wiretapping systems. They also asserted that they had destroyed approximately 7,000 servers.

Additionally, Cyber Partisans alleged that Alexandrovsky had not updated his corporate password since 2022.

Aeroflot has yet to respond to these recent allegations.