LOT Polish Airlines canceled 10 flights and delayed another dozen on Sunday after one of its IT systems was allegedly attacked.
The national carrier was quick to blame a hacker attack for crashing its computers that generate flight plans at Warsaw's main airport.
Earlier today, CNBC quoted a LOT spokesperson as saying that the hackers carried out a so-called distributed denial of service (DDoS) attack.
But not all security and aviation experts thought that idea passed the sniff test.
One question: why would a flight-plan generating system localized at one location be connected to the Internet? (It would have to be online if it were to be vulnerable to a DDoS attack -- where a server is overwhelmed with data and stops functioning.)
Another red flag: It's rare for external hacks such as DDoS attacks to be fixed within as few as five hours, as this one was. Though maybe there was a redundant system that could have been activated.
In good news, the hacker attack only disrupted flights still on the ground, not ones in midair, said the airline.
Today LOT said the problem had been resolved. Poland's Government Centre for Security and ABW, the country's domestic intelligence agency, are investigating the incident, according to a report by TVN24 and Radio Poland.
News reports have been conflicting. One TV report today shows the airline's lead spokesperson saying that the airline doesn't know who did the attack.
Yet in another report, a spokesperson said an "unauthorized person had access" to its IT system.
Maybe this is what happened:
More seriously, in a interview with Reuters, a spokesperson said:
"We're using state-of-the-art computer systems, so this could potentially be a threat to others in the industry."
Here's how to try to protect your systems that are connected to the Internet from a DDoS attack.
ANALYSIS: Should airlines offer bounties to hackers who find security flaws