System Alert: Some Systems Offline

UPDATE: 10:50 PM Pacific.

A couple of hours ago, a main data storage server was hacked. We are in the process of restoring functionality from backups and the system appears to be back online now. Most flight plans, aircraft profiles, and pilot profiles will be restored but ones modified or created recently will be lost. We will attempt to recover those files after the system is fundamentally back online but the nature of the attack makes it unlikely that we’ll recover the lost files.

An initial evaluation of the hack does not indicate that the hackers stole any data. Rather, they modified all the files on the server to prevent access until paid a ransom (it’s called “ransomware”). Unfortunately, while the hackers ask for a large payment, evidence is such that they seldom bother to actually release the files once paid so our only option was to restore from a recent backup.

Your passwords, credit card info, etc. were not stored on this system.

We’re very sorry for this issue and will continue to investigate the consequences as well make changes to strengthen our defenses.

Sincerely,
Steve Podradchik
CEO

=========

A couple of hours ago one of our main storage servers was hacked.  We are in the process of restoring functionality from a backup.  Until that is complete, access to flight plans, aircraft profiles, pilot profiles, etc. will not be available.

We’ll keep you informed as the restore progresses.  We do not have an ETA at this time.

Thank you for your patience.

16 thoughts on “System Alert: Some Systems Offline

    • Thanks Gil. The system is now basically back online after the restore. However, as explained in the update to the original post, recently created or modified plans, aircraft profiles, and pilot profiles are not available and may be impossible to recover.

      Liked by 1 person

    • Hi Howard. Your login/password are NOT on that system. No personal info except what you have entered for pilot profile — name and address (essentially public info). The only exception would be if you use DUATS rather than Lockheed. If so, the password associated w/ your DUATS account would be part of your pilot profile. DUATS passwords are generally randomly generated so should not be the same password as you might use elsewhere. And, again, the type of attack seems to be aimed at extorting $ from us not getting data about you. The attack just scrambles all files on a disk; I don’t get the impression they copy data or attempt to read any of it but can’t be sure.

      Like

    • Hi Steve. No credit card info or login passwords were on that system and the type of attack does not indicate that the hackers were interested in collecting info — just trying to extort $ from us. The only thing there was your pilot profile, aircraft profile, and flight plans. So your name and address, basically what you can get from Google in 10 seconds, was all that was there. The only exception would be if you use DUATS (as opposed to Lockheed) for weather and filing. If so your DUATS password would be there (these are generally unique and randomly generated).

      Like

    • Hi JD, Thanks for the kind word.

      Sure. First, the issue has been resolved generally. Second, it only affected access to plans and aircraft/pilot profiles so the app always worked normally except for flight planning related functions.

      Like

  1. Thank so for all your hard work! Sorry that sorry bas&!$ds like this exist. Your diligence is just one more reason why we chose Seattle Avionics!

    Like

  2. Steve, thanks for the quick and thorough reply! Much appreciated. Hopefully not too much damage requiring expensive work.

    Like

    • Thanks, Tom. I appreciate that but our goal always has to be make things as painless as possible for customers. If writing a check would have worked, we would have. Instead we’ve beefed up system security and increased backup frequency.

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s