Spanish airline Air Europa is sending customers notices of a data breach to inform them of a cybersecurity incident impacting their payment card data.
Air Europa is the third-largest airline in Spain, operating a fleet of 39 aircraft and offering flights to 44 destinations in the country, various European countries, Morocco, Tunisia, South and North America, and the Caribbean.
According to multiple reports from Air Europa customers on social media and flyer forums, the firm is sending notices of a data breach that has compromised people’s financial information. Specifically, the company informs that hackers breached a system and gained unauthorized access to the following information:
- The number of the bank card
- The expiration date of the card
- The CVV (security code) of the card
Access to the above allows anyone to make online purchases using the stolen card information. In other cases, the attackers resell card data on dark web marketplaces where they are purchased by organized crime rings involving intricate laundering networks of “money mules.”
To mitigate the risks that arise from the exposure, Air Europa’s letter to impacted customers urges them to take the following actions:
- Identify the card they used to make payments on the company’s website (aireuropa.com).
- Contact your bank and request a replacement card and cancellation of the existing one.
- Refrain from sharing sensitive information through telephone, email, or SMS.
- Treat incoming communications with caution and avoid clicking on links embedded in messages.
Customers who detect suspicious activity or transactions they don’t identify are urged to report it to the police as soon as possible, along with all accompanying details.
RestorePrivacy has contacted Air Europa to learn more about the attack, how many customers were impacted, and what other measures have been taken, but we have yet to receive a response. Also, by writing this, Air Europa had not published an official statement about the incident on its press center or social media channels.
Further reading:
23andMe Accounts Hijacked and Data Put Up for Sale on Hacker Forum
This is getting worst everyday. Cybersecurity is probably the most important subject to focus on. Thank you so much Heinrich for sharing the news.
The mysterious user strikes again with a really good point. Nice. 🙂