Hackers who hacked Aeroflot said that the company still uses outdated Windows XP, and the CEO has not changed his password for three years
The large-scale hacking of Aeroflot’s IT systems, which destroyed thousands of servers of the largest Russian air carrier, became possible also because the company’s employees did not comply with security rules, the Belarusian hacker group “Cyberpartisans” reported on its website.
Aeroflot CEO Sergey Alexandrovsky, activists say, has not changed his password since 2022. In addition, the airline used outdated Windows XP and Windows 2003 operating systems in its networks, which “led to the compromise of their entire infrastructure” and made it possible to reach its kernel, the hackers said. They also noted that they were in the Aeroflot corporate network for “many months” before implementing the hack, which began on the night of July 28.
“By morning, we had destroyed more than 7,000 servers and workstations, databases and internal systems,” the hacktivists said. They specify that “they have extracted a lot of wiretapping data and internal documents”, and promise to publish them later. “The corporate network [of Aeroflot] is in ruins, most of the data is lost forever,” say Cyberpartisans. They promised to continue the attacks.
In an interview with Deutsche Welle Belarus, hackers specified that the complexity of hacking the airline’s systems was on the large scale of the network. According to them, the attack affected “about 8 thousand computers (PC and server), under a hundred different systems”.
On the morning of July 28, Aeroflot reported that its IT system had failed, without specifying its cause and timing of solving the problem. This led to the cancellation of almost a hundred flights and another collapse at Sheremetyevo Airport. Hackers from Silent Crow and Cyberpartisan took responsibility for the attack on Aeroflot. According to them, all critical corporate systems were compromised, and control over employees’ computers, including management, was gained. In addition, data from wiretapping servers, from surveillance and personnel control systems fell into the hands of hackers. The amount of information received was estimated by the intruders in 12TV databases, 8TB files with Windows Share and 2TB of corporate mail.
‼️ Russia: “Hackers who hacked Aeroflot revealed that the company uses outdated Windows XP, and the CEO has not changed the password for three years”
HAHAHAHAHAHAHAHAHAHAHAHAhttps://t.co/n831tGOwZg pic.twitter.com/a5AATkjx6i
— Prune60 (@Prune602) July 28, 2025