Cyber Incident Victim: Radixx

On April 19, 2021, Radixx, a technology provider for low-cost airlines and subsidiary of Sabre Corp., detected unusual activity within its reservations system. The company subsequently confirmed a malware attack had disrupted its operations, triggering a multi-day outage affecting approximately 20 budget carriers globally. Radixx did not disclose technical details regarding the malware variant or its initial intrusion vector. By April 23, Radixx initiated service restoration efforts while maintaining that customer information remained uncompromised throughout the incident. The parent company, Southlake, Texas-based Sabre Corp., reported the attack to the FBI, though no law enforcement findings were publicly disclosed. Radixx emphasized its systems operated independently from Sabre’s primary platforms serving larger airlines, limiting the attack’s scope to its dedicated reservations environment.

The outage severely disrupted airline operations during peak travel preparation periods. Startup carrier Avelo Airlines, preparing for its inaugural California flights, lost reservation capabilities and directed customers to browse unavailable flights via its website. FlySafair, a South African budget airline, deployed an emergency one-way ticket platform for flights through April 27 while publicly acknowledging uncertainty about full system recovery. Vietnam’s Vietravel Airlines maintained limited counter sales at airports by attributing disruptions to “system maintenance.” Industry context revealed frequent airline technology outages, with U.S. congressional data citing approximately monthly incidents between 2015-2017, often attributed to integration challenges between legacy and modern systems. No additional technical containment measures, attacker attribution, or long-term remediation steps were documented in available reports during the immediate outage period.