Hackers hijack airport PA systems in U.S. and Canada
Key points
- Four airports reported unauthorized PA or screen messages
- Harrisburg airport audio ran about ten minutes
- Kelowna says breach tied to cloud software provider
- Precautionary aircraft check caused brief delay
- No impact to critical safety systems reported
Audio and screen systems at several North American airports were briefly hijacked this week, broadcasting "Free Palestine" messages and profanity directed at political leaders. Incidents were confirmed at Harrisburg International Airport (MDT) in Pennsylvania, as well as Kelowna International Airport (YLW), Victoria International Airport (YYJ), and Windsor International Airport (YQG) in Canada. Operations continued with precautionary checks and short delays while investigators assessed third-party software vulnerabilities and restored normal service. For travelers, this was a nuisance, not a safety emergency, but it underscores how public-facing systems can be abused.
Context, Harrisburg and Kelowna lead the reports
At Harrisburg, an unauthorized recording played over the public address for about ten minutes on October 15, prompting a return-to-gate and security sweep of a boarding Delta aircraft out of caution before an on-time arrival at destination. Airport officials said the message was political in nature and contained no threats. In British Columbia, Kelowna reported that a third party accessed terminal display screens and the PA system, attributing the breach to a cloud-based software provider used for public messaging; systems were isolated, verified, and restored the same night after a joint assessment with the Royal Canadian Mounted Police and Transport Canada.
Latest developments
Canadian authorities and airport operators say the affected systems were segregated from critical operational networks, limiting the scope to announcements and displays. In the U.S., the Department of Transportation noted that the Federal Aviation Administration is working with Harrisburg on the investigation. Local outlets and traveler videos corroborated brief audio and visual takeovers at the named airports. Some Canadian flights saw minor delays as content was scrubbed and equipment rebooted.
Analysis
For travelers, the immediate takeaway is practical: expect occasional gate holds if an airport resets its public address or display software. Public-facing, cloud-managed tools are convenient, but they expand the attack surface beyond airport firewalls to vendor platforms and credentials. The fixes are classic hygiene, including multifactor authentication for vendor access, strict network segmentation, and local failover modes for PA and display content. Travelers can reduce friction by enabling airline notifications and checking gate changes in carrier apps while screens are being restored. If you are flying through impacted regions, add a small time cushion, and monitor our rolling Flight delays and airport impacts brief for broader system strain unrelated to these incidents.
Final thoughts
The hacked airport PA systems in the U.S. and Canada were disruptive, not dangerous. Investigators say critical safety systems were unaffected, and operators moved quickly to isolate vendor platforms and restore normal service. Expect more attention on cloud controls and vendor vetting as airports harden these public-facing tools.
Sources
- Passenger updates, Kelowna International Airport
- Hackers use some Canada and U.S. airport PA systems to praise Hamas, criticize Trump, Reuters
- Airport officials say cyberattack at HIA was not a threat, WGAL
- B.C. airport display screens, PA system hacked, Global News
- Hackers hit airport screens and PA systems with messages, Travel Market Report