Cyber Incident Victim: Corendon Dutch Airlines
Date:
May 2025
Location:
Netherlands
Summary
Corendon was hit by a cyberattack carried out by Russian hackers, a fact confirmed by a spokesperson. The same attack also affected Arriva, and the perpetrators stated that the operation was a response to support for Kyiv. No further technical details or extent of the breach were disclosed in the report.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On May 1, 2025, De Telegraaf published an article titled 'Russische hackers slaan toe, cyberaanval treft Corendon en Arriva: ’Dat is wat er gebeurt als je Kiev helpt’'.
The article appears in the Binnenland section of the newspaper.
It reports that Russian hackers appear to have attacked Dutch companies again.
The piece includes an illustrative image credited to Getty Images.
The article states that spokespersons confirmed that Corendon and Arriva were victims this time.
It specifies that the attack targeted the travel company Corendon and the transport provider Arriva.
The title contains the phrase 'Dat is wat er gebeurt als je Kiev helpt'.
No further details about the nature or impact of the attack are given in the article.
The article also contains a call for readers to stay informed about the war in Ukraine via a newsletter.
It is followed by additional news items and promotional content unrelated to the incident.
The factual account provided is limited to the confirmation of the cyber attack on the two named companies.
Thus the known information consists of the publication date, the victims named, the attribution to Russian hackers, and the confirmation by spokespersons.