Cyber Incident Victim: Aerticket
Date:
Mar 2025
Location:
Germany
Summary
AERTiCKET experienced a cyberattack that caused technical disruptions, notably affecting its Cockpit booking system. A crisis team was immediately formed and IT staff, together with external experts, are working to restore the system and keep customers in Germany, Austria, Switzerland and worldwide informed of progress. The company assumes only minimal data loss at this time, while the incident is under thorough investigation with external assistance to determine the attack source and necessary security measures. Despite the challenges, there is confidence that applications will be gradually brought back online and normal operations resumed.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 3 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Sunday, March 9, 2025, AERTiCKET experienced a cyberattack that resulted in technical failures across its services. The incident disrupted the booking system known as Cockpit, which is used by travel agencies for reservations. The attack prompted immediate concern among customers in Germany, Austria, Switzerland, and other international markets. AERTiCKET confirmed that all affected clients were notified about the disruption and would receive regular updates on the status of recovery efforts. The company emphasized that, based on the information available at the time, only a minimal amount of data appeared to have been lost, although a precise assessment was still pending.
In response to the attack, AERTiCKET established an internal crisis team to analyze the situation and coordinate the response. The organization’s IT specialists began working closely with external cybersecurity experts to restore the Cockpit booking system as quickly as possible. Continuous communication with customers was maintained to keep them informed of progress and expected timelines for service restoration. The company reiterated that IT security and data protection remained its highest priorities throughout the incident.
External experts were engaged to assist in determining the origin of the attack and to evaluate the measures needed to restore system security and prevent future incidents. AERTiCKET stated that a thorough investigation was underway and that the findings would guide any necessary improvements to its defenses. Despite the ongoing challenges, the company expressed confidence that its applications would be gradually brought back online and that normal operations could resume in the near future.