Air Europa customers warned their data may have been leaked


Another major airline company has suffered a cyberattack which resulted in sensitive customer data leaking to the hackers.

A report from the Wall Street Journal claims Air Europa was hit by an incident discovered in October 2023.

The news was confirmed by International Consolidated Airlines Group (IAG), the Anglo-Spanish multinational airline holding company that acquired Air Europa in 2023 for roughly €500 million.

Airlines under attack

IAG has reportedly sent out a breach notification email to affected individuals, telling them that their names, dates of birth, nationalities, ID cards, passport information, and phone numbers, have all been taken by the hackers.

We don’t know exactly how many people are affected by this incident, but Air Europa claims to service roughly 12 million people a year.

So far, there is no evidence of the data being misused on the dark web, but “If it were to happen, the resulting inconvenience would be limited in any case,” Air Europa allegedly said in the email.

Airlines are a popular target for hackers. In January 2024, one of the biggest aircraft leasing companies in the world suffered a ransomware attack that resulted in the theft of sensitive corporate data. AerCap confirmed the news in a 6-K form filed with the U.S. Securities and Exchange Commission (SEC) in which it experienced a “cybersecurity incident related to ransomware”.

The company played down the effect of the incident, noting, “We have full control of all of our IT systems and to date, we have suffered no financial loss related to this incident.”

And In late November 2023, Gulf Air, the national air carrier for the Kingdom of Bahrain, confirmed suffering a data breach.  The “data breach incident” allegedly happened on November 24, and resulted in the compromise of “some information from its email and client database” due to unauthorized access.

Read more…