Japan Airlines (JAL) announced that its systems have been fully restored following a cyberattack on Thursday that caused delays to both domestic and international flights. The airline, Japan's second-largest after All Nippon Airways (ANA), confirmed that no customer data was compromised and that flight safety remained unaffected.
“We have identified the cause and scope of the malfunction, and the system has been restored,” JAL stated on social media platform X.
The disruption, suspected to be a Distributed Denial-of-Service (DDoS) attack, led to the temporary suspension of ticket sales for flights departing on Thursday. However, sales have since resumed. While the attack caused minor disruptions, 24 domestic flights experienced delays of over 30 minutes. Problems with the baggage check-in system also resulted in delays at several Japanese airports, according to local media.
Despite the initial impact, JAL's shares, which fell by 2.5 percent in early trading, recovered to close down just 0.2 percent in the afternoon.
Separately, a transport ministry report released on Wednesday pointed to human error as the cause of a fatal January 2024 collision involving a JAL passenger jet and a coast guard plane at Tokyo’s Haneda Airport. The incident claimed the lives of five crew members aboard the smaller aircraft, which was on a mission to deliver earthquake relief supplies.
The report detailed that the coast guard plane's pilot misinterpreted air traffic control instructions, believing authorization had been granted to enter the runway. Additionally, the pilot was reportedly rushed due to a 40-minute departure delay. Compounding the issue, the air traffic controller failed to notice the runway incursion, despite an alarm warning of the situation.
The JAL Airbus, carrying 379 passengers and crew, escaped the crash without fatalities but was engulfed in flames shortly afterward.
JAL is the latest major Japanese organization to fall victim to a cyberattack. Recent years have seen an increase in such incidents across the country:
In 2023, the Japan Aerospace Exploration Agency (JAXA) was targeted, though sensitive data on rockets and satellites was not accessed.
The same year, a ransomware attack attributed to the Russia-based Lockbit group disrupted operations at one of Japan’s busiest ports.
In 2022, a cyberattack at a Toyota supplier forced the automaker to temporarily halt domestic production.
Popular video-sharing site Niconico was hit by a significant cyberattack in June 2024.
As Japan strengthens its digital infrastructure, the incidents highlight the increasing need for robust cybersecurity measures to protect critical systems and industries.