The cyber attack suffered by Air Europa this morning and which has left customers' banking details exposed has caused great discomfort among those affected. The company itself, which has alerted through emails of the steps to follow, has warned that cybercriminals have attacked the payment environment with which they manage purchases through the web and that they have allowed "the extraction of data from the credit cards". If you have been affected, here is what to do.
First of all, as the company has warned in a statement and the Organization of Consumers and Users (OCU) has emphasized, the first thing is to contact the banking entity to proceed with the cancellation of the credit cards with which has bought the tickets. The attackers would have obtained the number of an undetermined number of cards, their expiration dates and the CVV, key data to carry out operations. This is the data of the cards themselves, not the cardholders, reports the airline, which ensures that cybercriminals have not accessed "other databases."
In addition, Luis Corrons, an expert at Avast—a company dedicated to providing cybersecurity solutions to companies—also recommends "reviewing the statements and verifying that there has not been any fraudulent operation." "If there has been one, contact the issuing entity of the card and the authorities to file the corresponding complaint," he emphasizes.
To improve both security after the attack and the flow of information, the Spanish Consumer Association this Tuesday urged Air Europa to inform affected users “directly and immediately”, as they fear that a “simple” generic statement “will not reach to all".
The consumer organization regretted this new case of cyberattack which, it pointed out, “violates” the “protection” of “sensitive” data such as those related to payments made by credit card.
For this reason, it is considered that rapid and direct action “would cut off the insecurity that is occurring in those who have contracted services with said airline and would generate trust from this moment on,” he said, while saying that he “did not properly understand” the publication. of a “generic” statement, convinced that “there must be total transparency towards consumers.”
The OCU, for its part, also asks the Spanish Data Protection Agency (AEPD) to investigate "if the security breach is not previous." It should be remembered that in 2021 the same company was sanctioned for mismanagement of another attack that affected 489,000 customers.
Although data from the relevant investigation has not yet been clarified, Corrons considers that "it has all the appearance of being a formjacking type attack, also known as Magecart or web skinning." "The attackers insert malicious code into the website, which then captures and transmits the credit card data to a server controlled by the attackers." Furthermore, he adds that "this type of attack has affected numerous companies and exposed sensitive consumer data in recent years, one of the most notorious being the one suffered by another airline, British Airways."
