Cyber Incident Victim: Jeppesen
Date:
Nov 2022
Location:
United States of America
Summary
Jeppesen, a Boeing subsidiary that provides navigation and flight planning tools, confirmed a cybersecurity incident that disrupted its flight planning products and services, including the receipt and processing of Notice to Air Missions. The company reported technical issues with some of its products, services and communication channels, leading to flight planning disruptions but stated there was no threat to aircraft or flight safety. While the incident was suspected to involve ransomware, Boeing officials said they were still investigating and working with customers and regulatory authorities to restore full service as soon as possible.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Wednesday, Jeppesen added a red banner to its website warning visitors that the Colorado‑based firm was experiencing “technical issues with some of our products, services and communication channels.” The following day, the company confirmed that it was dealing with a cybersecurity incident that had caused flight planning disruptions. A Boeing spokesperson told The Record that the incident affected certain flight planning products and services but emphasized that there was no reason to believe it posed a threat to aircraft or flight safety. The spokesperson added that Jeppesen was in communication with customers and regulatory authorities and was working to restore full service as soon as possible. Although the full extent of the disruption was not disclosed, the incident was confirmed to be impacting the receipt and processing of current and new Notice to Air Missions (NOTAMs).

Matthew Klint, the author of the Live And Let's Fly travel blog, reported that the incident was believed to be ransomware, though the Boeing spokesperson could not confirm this characterization at the time of publication, describing the situation as still active. The article notes that the aviation sector has been repeatedly targeted by ransomware attacks, citing the May 2022 SpiceJet incident that grounded flights, the August 2022 Accelya breach linked to the BlackCat group, and the August 2022 Bangkok Airways breach that exposed passenger data following a ransomware event. It also references Boeing’s own experience with the WannaCry virus in 2018, when a spokesperson said the vulnerability was limited to a few machines, patches were deployed, and no production programs were interrupted. These contextual facts are presented to show the broader threat environment in which the Jeppesen incident occurred.
In response to the incident, Jeppesen and Boeing have been coordinating with affected customers and aviation regulators to manage the disruption and restore services. The spokesperson reiterated that the company is working to bring all flight planning tools and communication channels back online as quickly as possible. The article also mentions that the Transportation Security Administration has been pushing for a rule that would require aviation firms to report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency within 24 hours, a measure intended to improve situational awareness across the sector. No further technical details about the attack vector, malware used, or attacker identity were provided in the source material. The narrative ends with the statement that Jeppesen continues to address the incident while monitoring its impact on flight planning operations.
