Grupo Aeroportuario del Centro Norte

History

2024: The operation of 13 airports in Mexico is paralyzed due to a ransomware virus attack. Hackers demand ransom

In late October 2024, hackers attacked a service operator at 13 airports across Mexico, paralyzing its electronic systems. Grupo Aeroportuario del Centro Norte had to turn to backup systems to continue operations at airports in central and northern Mexico, serving more than 19 million passengers a year.

Hacker group RansomHub claimed responsibility for the incident and threatened to leak 3 terabytes of stolen data if a ransom was not paid. The cost of the required buyout was not disclosed. It is known that this group appeared in February 2024 and has already organized more than 210 cyber attacks.

𝓲

Freepik

Our IT team, in collaboration with external cybersecurity experts, is actively investigating the incident to determine its scale and ensure the integrity, privacy and availability of our systems are protected, the operator said. - We are currently performing all necessary operations through alternative and backup systems. The cyber attack did not have a material negative impact on the company's operations or financial performance. The impact assessment will be continuously updated until the incident is fully resolved.

The company did not respond to requests for comment, but continues to warn passengers about possible problems due to disruptions in the normal operation of airports. Monitors indicating terminals still do not work, but employees who provide assistance to passengers are on duty around airports. In addition, passengers are sent QR codes that help find boarding gates. The company encourages passengers to arrive at the airport on time and follow the accounts of local airlines on social networks for timely receipt of important information.^[1]

Notes