alphv attacks Swissport

Incident Date:

February 15, 2022

World map



alphv attacks Swissport






silverton, United Kingdom

Exeter, United Kingdom

First Reported

February 15, 2022

Swissport Suffers Ransomware Attack by Alphv Group

Victim Profile

Swissport, a global leader in the aviation services industry, offers a wide range of services including passenger handling, cargo services, and industry analytics for airline retailing. The company collaborates with over 250 airlines in nine countries, showcasing its significant footprint in the aviation sector.

Attack Details

The Alphv ransomware group has taken responsibility for a cyberattack against Swissport, leading to the unauthorized disclosure of sensitive information. This includes business documents, tax records, and personal identification details of employees and job applicants. The repercussions of this breach have notably disrupted Swissport's operational capabilities, causing delays in flight schedules.

Industry Vulnerabilities

The aviation sector remains a high-profile target for cybercriminals, evidenced by the 62 ransomware attacks recorded against global aviation entities in 2022 alone. These adversaries range from ransomware syndicates aiming to disrupt operations for financial gain, to nation-state actors focused on exfiltrating sensitive customer data, and even fraudsters creating fake websites to deceive consumers.

Mitigation Strategies

Although specific countermeasures for Swissport or the broader aviation industry are not detailed, the necessity for comprehensive cybersecurity defenses is clear. Effective strategies to thwart ransomware threats include network segmentation, stringent access controls, continuous monitoring, ensuring staff readiness, and establishing clear protocols for incident reporting and response.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.