Cyber Incident Victim: RavnAir

On December 21, 2019, RavnAir canceled at least six flights across Alaska during peak holiday travel following a confirmed malicious cyber attack targeting its computer network. The attack specifically compromised the airline’s Dash 8 aircraft maintenance systems, forcing the company to disconnect both primary and backup systems for this fleet as a containment measure. This disruption directly impacted approximately 260 passengers, primarily affecting communities reliant on air service due to limited road access. All Dash 8 flights were grounded until noon while the airline coordinated with the FBI, external cybersecurity experts, and unspecified authorities to investigate and restore operations. RavnAir issued a public statement confirming the cyber attack as the cause of cancellations and emphasized efforts to minimize passenger inconvenience through rebooking on alternative flights where feasible. PenAir and RavnAir Connect flights continued normal operations using unaffected backup systems, indicating the attack’s scope was isolated to specific maintenance infrastructure.

By 1:00 p.m. local time, RavnAir restored Dash 8 flight operations for afternoon schedules and announced plans to add supplemental flights over the subsequent two days to accommodate displaced travelers. The company reiterated its collaboration with law enforcement and cybersecurity partners to fully resolve the incident but disclosed no technical specifics regarding the attack vector or threat actor. The cancellations occurred during one of the busiest holiday travel periods, with AAA projecting December 21–23 as the season’s peak airport congestion days. RavnAir’s operational adjustments mitigated broader network-wide disruptions, though the incident underscored vulnerabilities in regional aviation infrastructure during critical travel windows. No further flight cancellations or extended passenger impacts were reported following the partial system restoration.