The airline Air Europa suffered a computer attack this morning that allowed cybercriminals to access its customers' banking data. Some of them have warned of the situation through social networks, indicating that they have received an email from the airline explaining that their systems have suffered a cyber attack and that their credit card details have been stolen, therefore They recommend canceling these cards.
The company has officially confirmed the cybersecurity problem, which would have affected the payment environment with which purchases are managed through the web. This attack "would have allowed the extraction of credit card data." Even so, he insists that he has no evidence that the leak "has ended up being used to commit any fraud."
Air Europa has recommended customers contact their bank to cancel or cancel the cards they have used to make payments to the airline. The attackers would have obtained the number of an undetermined number of cards, their expiration dates and the CVV, key data to carry out operations. This is the data of the cards themselves, not the cardholders, reports the airline, which ensures that cybercriminals have not accessed "other databases."
The security breach would have been detected "quickly", which would have allowed the established protocols to be applied and prevent the leak of more data, so this morning the system is now working "with complete normality" and guarantees.
In the email sent to users it is noted that "given the risk of card theft and fraud that this incident could entail, and in order to protect your interests" it is recommended to follow a series of steps. The first, identify the card used to pay on the web, contact the bank and "request the cancellation/cancellation/replacement of that card in order to avoid possible fraudulent use of your information." In addition, it is requested not to give personal information, PIN, name or any data over the telephone, messages or emails, "even when they identify themselves as their banking entity", since it could be an impersonation of the bank's identity.
It is also requested "not to click on links that warn you of fraudulent operations" and if in doubt, contact the entity. "Collect any evidence of possible unauthorized use of your card and report it to the State Security Forces and Bodies," the email states. In this way, we want to prevent, in addition to fraudulent use of the cards, users from falling into scams that use stolen data.
They still insist that "the detection and rapid intervention of the team" for the application of the protocol established in their response plan has made it possible to block the security breach and prevent the leak of new data. This has allowed the company's systems to work "completely normally" during the morning.
Air Europa states that it continues to analyze what happened, the origin of the attack and the use of the stolen information, although it is not aware of any fraud having been committed for now.
"This security breach is worrying, customers beware," said Patricia Suárez, president of the Asufin user association.
