July 28, 2025 4:35 pm

The premier news source for Snohomish County

Alaska Airlines flying again after fleet grounded due to IT outage

An Alaska Airlines system-wide IT outage on Sunday, July 20, led to a three-hour grounding of all mainline and Horizon Air flights, affecting thousands of travelers and echoing similar incidents over the past year. The nationwide IT outage, coincided with Microsoft’s alert on active cyberattacks targeting its server software, though no direct link has been confirmed.

alaska airlines
Source: Alaska Airlines

The outage began around 8 p.m. Pacific Time, prompting Alaska Airlines to request a ground stop from the Federal Aviation Administration (FAA). An FAA advisory noted that the airline asked to ground over 200 planes, later expanding the request to include its Horizon Air subsidiary.

In a post on X at 11:02 p.m. PST, Alaska Airlines stated: “At approximately 8 p.m. Pacific on July 20, we experienced an IT outage that resulted in a temporary, system-wide ground stop for Alaska Airlines and Horizon Air flights. As of 11 p.m. Pacific, the ground stop has been lifted, and our operations have resumed. As we reposition our aircraft and crews, there will most likely be residual impacts to our flights. It will take some time to get our overall operations back to normal. We apologize for the inconvenience and encourage guests to check the status of your flight before leaving for the airport.”

This marks the second time in over a year that Alaska Airlines has halted its fleet due to IT issues. In April 2024, the airline grounded its entire fleet because of a problem with the system that calculates the weight and balance of planes, which is critical for operational safety. That incident caused delays and cancellations, impacting thousands of passengers.

Back in September of 2024, an IT issue led to “significant disruption” and a ground stop at Seattle-Tacoma International Airport when multiple customers were unable to check into their flights on the Alaska Airlines app and website. 

The lack of specific details about the July 20 outage has raised questions about potential cyber threats, particularly given its timing.

On the same day as a system-wide IT outage led to a three-hour grounding of the Alaska Airlines fleet in the United States, Microsoft issued an alert about “active attacks” on server software, specifically on-premises SharePoint servers (versions 2016 and 2019) used by government agencies and businesses for sharing documents. The vulnerability, described as a “zero-day” exploit—meaning it was previously unknown and unpatched—allows an authorized attacker to perform spoofing over a network, potentially manipulating systems by hiding the attacker’s identity and appearing as a trusted entity. Microsoft urged customers to apply security updates immediately or disconnect servers from the internet if updates were unavailable. SharePoint Online in Microsoft 365, being cloud-based, was not affected.

The Federal Bureau of Investigation (FBI) acknowledged the attacks on Microsoft SharePoint servers, stating on Sunday that it is aware and working closely with federal and private-sector partners, but provided no further details.

Sunday’s Alaska Airlines incident fits into a broader pattern of IT disruptions and cyber-attacks plaguing the airline industry.

Almost a year earlier, on July 19, 2024, a faulty CrowdStrike update caused a major global tech outage affecting computers running Microsoft Windows, leading to widespread disruptions. Airlines such as American Airlines, Delta Airlines, and United Airlines were hit hard, with over 2,000 flights canceled and more than 4,000 delayed in the U.S. alone. The outage impacted check-in systems, boarding pass scanners, and other operations, creating chaos at airports worldwide, though resolved within a day.

U.S. Senator Maria Cantwell (D-WA), Chair of the Senate Committee on Commerce, Science and Transportation, held a hearing on “Aviation Cybersecurity Threats” at our nation’s capital on September 18, 2024, that examined the cybersecurity threats airports and airlines have been faced with recently, and to discuss how the aviation sector can bolster its resiliency against similar attacks in the future.

aviation cybersecurity
Senator Maria Cantwell (D-Washington) discussing aviation cybersecurity with Lance Lyttle, Aviation Managing Director for Sea-Tac on September 19, in Washington, D.C. SOURCE: Office of Senator Maria Cantwell.

The Seattle-Tacoma International Airport (Sea-Tac) was the victim in a wave of cyberattacks against airports nationwide in 2024, which began on August 24 and disrupted airport operations for three weeks including gate information displays, baggage handling, and flight check-ins. This further resulted in cancelled and delayed flights for passengers and airport employees having to handwrite tickets and personally direct passengers. Collecting baggage was also a challenge as airport staff had to manually sort thousands of checked bags at the terminal.

WestJet reported that on June 13, 2025, it detected suspicious activity on its systems, which was identified as unauthorized access by a sophisticated criminal third party. The airline promptly contained the incident and secured its systems,

More recently, on June 26, 2025, Hawaiian Airlines posted on X: “Hawaiian Airlines is addressing a cybersecurity event that has affected some of our IT systems. Our highest priority is the safety and security of our guests and employees. Flights are operating safely. We will share updates as available.”

With the upcoming World Cup in 2026 and the Olympics in 2028, these recurring IT outages and cyber-attacks illustrate the urgent need for robust infrastructure in the airline industry. The FAA Reauthorization bill, which was signed into law in May 2024, included a subtitle strengthening cybersecurity, including directing the FAA to establish a process to track and evaluate aviation cyber threats, and designating a Cybersecurity Lead at the Agency.

Mario Lotmore
Author: Mario Lotmore

Leave a Reply

Your email address will not be published. Required fields are marked *

Tell Us What You Think

This poll is no longer accepting votes

If you are IAM member, will you vote to approve the October 19 tentative agreement with Boeing? Poll ends 11:59 p.m., Oct 22, 2024.
  • Yes43.12%
  • No56.88%
    Verified by MonsterInsights