Air Côte d’Ivoire confirms cyberattack following ransomware claims

The main airline serving the West African nation of Côte d’Ivoire was hit with a cyberattack earlier this month that forced it to institute business continuity plans. 

Air Côte d’Ivoire did not respond to requests for comment but released a statement on Friday confirming reports that hackers had breached its systems on February 8. Last week, the INC ransomware gang claimed it stole 208 GB of data from the airline. 

In its statement, the airline said the cyberattack “affected parts of its information system” and it had to call in technical teams to assist with flights and other operations.

The airline is partially owned by Air France, which did not respond to requests for comment. Air Côte d’Ivoire said it sent a notification of the incident to France’s National Agency for the Security of Information Systems (ANSSI) and the Ivory Coast Telecommunications Regulatory Authority (ARTCI).

Côte d’Ivoire’s Computer

Emergency Response Team (CI-CERT) and international experts have been brought in to investigate the incident and determine the extent of the data breach. 

“Air Côte d’Ivoire is aware of the risks that the data leak could entail for its service providers, its passengers and its employees,” the airline said in its statement.  

“We are making every effort with the competent authorities to limit the consequences. We want to reassure the public of the stability of our flight program and the continuity of its operation in stringent compliance with international safety standards.”

Based in the country’s largest city of Abidjan, the airline is relatively small with a fleet size of 14, but offers flights to dozens of African countries as well as Lebanon and France. 

In its post about the attack, the INC ransomware gang threatened the company to pay an undisclosed ransom by February 24. 

The ransomware gang previously took credit for an attack on the Pennsylvania Office of the Attorney General, the government of Panama in the fall of 2025 and the government of Hungary in 2024. The group caused chaos across the U.S. in November when it shut down a system hundreds of local municipalities use to warn residents of emergencies. 

Regional airlines continue to face attack by ransomware gangs hoping the disruption to air travel will force them to pay ransoms quickly. South African Airways, Hawaiian Airlines, Envoy Air, Australian airline Qantas, Spanish airline Iberia and severalRussian airlines were all targeted by hackers last year.