The flag carrier of Serbia, Air Serbia, suffered a significant data security breach that resulted in delayed payslips and impacted HR-related operations.
Recently, The Register reported that on July 4, Air Serbia’s IT team sent emails to staff stating that the company had suffered a significant cyber attack.
“Our company is currently facing cyberattacks, which may lead to temporary disruptions in business processes.
“We kindly ask all managers to promptly create a work plan adapted to the changed circumstances, in accordance with the Business Continuity Plan, and to communicate it to their teams as soon as possible,” reads the email.
The company issued a mandatory password reset for all employees and installed security-scanning software on their machines on July 7.
As a result of this, all service accounts were disabled, affecting several automated processes. Additionally, data centres were placed in a demilitarised zone, which caused issues with users being unable to sync their passwords.
“Given the current situation and the ongoing cyberattacks, for security reasons, we will postpone the distribution of the June 2025 payslips.
“The IT department is working to resolve the issue as a priority, and once the conditions allow, the payslips will be sent to your email addresses,” the company said in an email.
The company said it severed access to the internet, leaving only few whitelisted pages under the airserbia.com domain available. The airline also implemented a new VPN client to address identified security vulnerabilities.
“We kindly ask you to take this situation seriously and fully cooperate with the IT team. Please allow them to install the necessary software as efficiently as possible and carefully follow any further instructions they provide,” reads the email.
Earlier this month, Australian airline Qantas said that it detected data security, involving a third-party platform used by one of its airline contact centres, that compromised the sensitive personal data of 5.7 million customers.