Delta Announces Customer Information Breach
On Wednesday, Delta Airlines released a statement confirming that the airline was victim of a massive cyber attack. 247.ai, the company providing online chat service for Delta (and Sears Holdings) said they potentially left payment details of the airline’s customers exposed between September and October of 2017.
Delta indicated that hundreds of thousands of customers could potentially be affected by the breach. Malware was found in the software from 247.ai that attempted to access Delta customers’ credit card payment information. Delta states that no other customer personal information, such as passport, government ID, security or SkyMiles information was impacted, and that the hack appears to have only affected customers who entered their credit card information manually.
The malware did not impact the Fly Delta app, delta.com on mobile devices or any other Delta system. Further, payment information for those customers who used Delta Wallet to complete transactions was not compromised.
Delta was notified of the breach on March 28th and have been working with federal law enforcement and forensic teams. The airline confirmed that the incident was resolved by the end of October. “At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers’ information was actually accessed or subsequently compromised,” Delta said in a statement.
Via the Delta news hub, the airline released the following statement:
We appreciate and understand that this information is concerning to our customers. The security and confidentiality of our customers’ information is of critical importance to us and a responsibility we take extremely seriously. Delta will launch delta.com/response, a dedicated website, noon ET April 5, which we will update regularly to address customer questions and concerns. We will also directly contact customers who may have been impacted by the 7.ai cyber incident. In the event any of our customers’ payment cards were used fraudulently as a result of the 7.ai cyber incident, we will ensure our customers are not responsible for that activity.
Delta has confirmed that customers who were impacted by this breach would not be held liable for any unauthorized charges to their payment cards. They also indicated they will be directly contacting customers whose payment information was a part of this breach to rectify the situation. If you don’t hear from the airline, you can assume your personal payment data was not compromised.