The Russian-speaking cybercrime group Qilin has claimed responsibility for a ransomware breach that targeted Tulsa International Airport in Oklahoma, according to reports from ransomware tracking services. The alleged incident was first listed on the group’s leak site on January 30, 2026, marking one of the first reported attacks against a major US airport this year.
Ransomware.live, a public ransomware intelligence platform, recorded that the Tulsa airport’s official domain and systems may have been compromised by the Qilin gang, which has been active in global ransomware operations since at least 2022. The report did not include details on the extent of data accessed or encrypted, and Tulsa International Airport officials had not publicly confirmed the breach or its operational impact at the time of reporting.
Qilin is a ransomware-as-a-service operation that security researchers say has been linked to attacks on a wide range of organisations and infrastructure globally, including businesses, healthcare providers, and government entities. The group’s software, originally identified as “Agenda” in 2022 and later rebranded as Qilin, has been used to encrypt systems and publish stolen data to pressure victims into ransom negotiations.
Available online records from the incident listing show that the breach was discovered around January 30 and attributed to Qilin by third-party threat monitoring services. At present, there has been no independent verification by law enforcement or airport authorities, and public statements from Tulsa International Airport were not available at the time this summary was prepared. The listing does not specify what types of files or systems were affected.
Cybersecurity analysts have documented Qilin’s increased activity over the past several years, noting its prolific use of a ransomware-as-a-service model that allows affiliates to deploy its malware in a variety of sectors. The group has been associated with multiple high-profile incidents, including breaches affecting critical infrastructure and commercial organisations in 2025.