While criminals used around 4,000 bank cards’ data in fraudulent activities, Air Europa classified the breach as a medium-risk incident and chose not to inform the affected individuals.
You even come out and tell customers to change their cards but you say in the bottom of that paragraph that its a medium severity? This doesn’t even make any sense.
The top paragraph says:
Spanish airline Air Europa, the country’s third-largest airline and a member of the SkyTeam alliance, warned customers on Monday to cancel their credit cards after attackers accessed their card information in a recent data breach. “We inform you that a cybersecurity incident was recently detected in one of our systems consisting of possible unauthorized access to your bank card data,” Air Europa said in emails sent to affected individuals and seen by BleepingComputer. “We have secured our systems, guaranteeing the correct functioning of the service. Additionally, we have made the due notifications to the competent authorities and necessary entities (AEPD, INCIBE, banks, etc.).”
So, what is it?
The credit card details exposed in the breach include card numbers, expiration dates, and the 3-digit CVV (Card Verification Value) code on the back of the payment cards.
This tells mne that they didn’t encrypt anything, right?
Air Europa also warned affected customers to ask their banks to cancel their cards used on the airline’s website due to “the risk of card spoofing and fraud” and “to prevent possible fraudulent use.”
Customers were also advised not to provide their personal info or card PINs to anyone contacting them over the phone or via email and not to open any links in emails or messages warning them of fraudulent operations involving their cards.
This article seems very confusing and contradicting. Bleeping computer via Databreaches has the article. Its titled Air Europa data breach: Customers warned to cancel credit cards and if you’ve used this airline, better read this one. Confusing.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.