“The security and confidentiality of our customers’ information is of critical importance to us and a responsibhacility we take extremely seriously.”
The world of aviation showed that despite following among the most stringent security procedures of any industry in the world, it too is still susceptible to cyberattacks after the US airline, Delta, discovered that a security flaw gave hackers access to some of its customers’ payment information.
Delta made the discovery after the company that provides the airline’s online chat services, 24/7.ai, had been involved in a cyber incident that last year compromised its own data security. That failure led to banking information being exposed to the criminals, however Delta stressed that information such as passport, government ID or security information wasn’t accessed.
In an official statement a spokesperson from the company said: “It is our understanding that the incident occurred at 7.ai from Sept. 26 to Oct. 12, 2017 and that during this time certain customer payment information for 7.ai clients, including Delta, may have been accessed.” A search for Delta on 24/7.ai for more information on the attack yielded no results.
To help alleviate any potential fall-out from the security breach, Delta has set up a free protection service – details of which haven't been revealed – and will contact the “small subset of customers” that have been affected. It was unable to say whether the breach, which has been handed over to federal law enforcement and forensic teams, has led to any of its customers’ information being accessed or subsequently compromised.
The spokesperson from Delta said the company appreciated and understood customers’ concern following the breach. “The security and confidentiality of our customers’ information is of critical importance to us and a responsibility we take extremely seriously,” and added that the company would provide regular updates to address customer questions and concerns. Delta's full statement can be viewed here.
Not an isolated problem, Delta-24/7.ai’s October 2017 hack followed a targeted attack from Russia against the US as part of a campaign to undermine its most sensitive infrastructure, according to a Bloomberg report last month. Though this attack did not directly harm planes or airlines, incidents of this nature can have severe implications and has in some instances resulted in airlines being forced to bring operations to a standstill and incur millions of dollars-worth of lost revenue.
You may also like this from Transport Security World…