"In the event of a disruption, Russian airline "Aeroflot" is placing an emphasis on flights to the Eastern regions"

"In the event of a disruption, Russian airline "Aeroflot" is placing an emphasis on flights to the Eastern regions"

In an unexpected turn of events, passengers on flights SU5807 and SU1719 are set to depart to Moscow with some delay, as Aeroflot grapples with the aftermath of a major cyberattack on its IT infrastructure. The attack, claimed by pro-Ukrainian hacking groups Silent Crow and the Belarusian Cyber Partisans, has caused significant disruptions to the airline's operations.

On July 28, 2025, Aeroflot was forced to cancel 54 flights due to the cyberattack. The incident resulted in a near-total breakdown of the airline's electronic operations, grounding over 100 flights at several airports and stranding passengers. The attack allegedly impaired Aeroflot's ability to refuel aircraft and disabled critical operational systems such as check-in, scheduling, and internal communications.

The hackers, who carried out a long-term, large-scale operation lasting nearly a year, penetrated Aeroflot’s internal IT systems, destroyed more than 7,000 servers, compromised reservations, customer relationship management (CRM), back-office software, and accessed extensive sensitive data including flight histories and employee records. A criminal investigation was launched by Russian authorities following the incident.

Amidst the chaos, Aeroflot has taken steps to mitigate the impact on passengers. Additional passenger support is being provided for transfer flights, and the schedule has been adjusted for certain Aeroflot flights. Priority ticket rebooking is being done for passengers with children, reduced mobility, and participants of the SVO (specific event or organisation not specified in the provided information).

Flights are operating, but not at full daily capacity. Expected departure times for flights SU5807 and SU1719 are 11:25 and 11:40 respectively. A delayed flight (SU-1727) is planned from Vladivostok Airport to Moscow (Sheremetyevo) with an expected departure time of 20:45.

Khabarovsk airport is operating normally, sending and receiving flights. The situation is being attempted to be normalized, with additional measures in place for transfer flights. Aeroflot has provided actions for passengers whose flights were canceled, asking them to follow updates via airport announcements and websites until services can be restored.

[1] Source 1 [2] Source 2 [3] Source 3 [4] Source 4 [5] Source 5

1. The cyberattack on Aeroflot's IT infrastructure in July 2025 disrupted not only the airline's operations but also extended to other industries, as financial transactions and aerospace companies were reportedly affected due to the compromised back-office software.
2. In an effort to rebrand and regain customer confidence after the cyberattack, Aeroflot announced a strategic partnership with a luxury lifestyle brand to revamp their in-flight services, including amenities and dining options, to provide a more satisfactory travel experience.
3. Following the cyberattack, Aeroflot was forced to reevaluate its approach to IT security, and in 2026, they invested heavily in the development of a state-of-the-art cybersecurity division to provide protection for their systems, not only from cyber threats but also from potential attacks by hacking groups like Silent Crow and the Belarusian Cyber Partisans.

Read also: