Spanish airline Air Europa has suffered a cyberattack on its online payment system that let some of its customers’ credit card details exposed, the company said on Tuesday.
The airline emailed customers whose credit card details were affected and notified the relevant financial institutions, it added. It did not specify the number of customers affected, nor did it estimate the financial impact of the cyberattack. The company said no other information had been exposed.
“There is no evidence that the breach was ultimately used to commit fraud,” the airline said.
An email received by an Air Europa customer and seen by Reuters on Tuesday advised that the card used to pay on the Air Europa website should be canceled and replaced “to prevent possible fraudulent use of your information” following the incident.
Spanish consumer association OCU recommended that users who receive the email follow Air Europa’s advice and called on the country’s data protection watchdog to investigate when the cyberattack occurred as unauthorized use of the exposed cards could pre-date the company’s alert.
In 2021, the airline was fined for its mishandling of another breach that affected 489,000 customers in 2018, the OCU said in a statement. Air Europa reported that incident 41 days after it happened, whereas companies are required to do so within 72 hours.
Madrid-based Air Europa is in the process of being taken over by British Airways-owner International Consolidated Airlines Group ICAG.L.
(Reporting by Corina Pons, editing by Inti Landauro and Louise Heavens)
Was this article valuable?
Here are more articles you may enjoy.
‘Great Resignation’ Enters Third Year as Workers Embrace AI, Upskilling, PwC Says 
As Rates Rise, Majority of Homeowners Say Insurance Industry Is in Crisis: Survey 
Home Insurance at $10,000 a Year Shows California Buyers’ Pain 
Zurich to Buy AIG’s Travel Insurance Business for $600 Million 
