On December 26, 2024, Japan Airlines (JAL) experienced a cyberattack that disrupted its operations, causing delays across more than 40 flights. The attack, which began at 7:24 AM JST, affected JAL’s network equipment connecting internal systems to external networks, leading to malfunctions in the airline’s communication systems. As a result, JAL temporarily suspended ticket sales for same-day departures, and the airline’s mobile app was disabled, causing inconvenience for many passengers.
Within 90 minutes of detecting the attack, JAL took immediate action by shutting down the affected router to prevent further damage. The airline worked diligently to restore its systems throughout the day. By the afternoon, JAL resumed ticket sales for same-day flights, and the impacted systems were back online. Although the disruption was significant, JAL confirmed that no customer data had been compromised, and there was no evidence of a virus or data breach.
Despite the technical issues, JAL emphasized that the safety of its flights was not compromised. While the cyberattack affected flight operations and delayed more than 40 flights, no international flights were canceled. The airline also had to suspend standby services for domestic flights, but normal operations slowly resumed later in the day. JAL assured the public that its security measures were in place to prevent similar incidents in the future.
JAL launched an internal investigation to determine the origin of the cyberattack and identify any potential threats. The airline’s cybersecurity team swiftly analyzed the situation and implemented corrective measures to strengthen their defenses. Although no group claimed responsibility for the attack, the incident highlights the increasing vulnerability of industries like aviation, which rely heavily on digital infrastructure for real-time operations. Japan Airlines continues to monitor the situation closely while reinforcing its cybersecurity protocols to safeguard against future disruptions.