Air Europa asks its customers to cancel their credit cards after a cyber attack

Air Europa has suffered a cyber attack that has stolen financial data from its customers, as the airline has informed those affected via email. In the message, it warns them that their credit card information has been stolen and that they should cancel them immediately. elDiario.es has asked the company about the number of people affected and whether all of them have already been notified of the situation, but airline sources affirm that they do not have this data at the moment.

The reason is that the attackers have intercepted the payment operations with the cards, not the customer profile, so there could be several intercepted operations that have been paid with the same card. “In no case have cybercriminals accessed other Air Europa databases or extracted other types of personal information from customers,” the company states in a statement sent to this medium.

According to one of the emails sent by the airline to those affected, to which elDiario.es has had access, the intercepted data are the card number, the Verification Value Code (CVV) and the expiration date. That is, those required to make online payments, minus the name of the owner. “Request the cancellation/cancellation/replacement of that card in order to avoid possible fraudulent use of your information,” the company emphasizes in the message.


43c9df67 85f3 481f acf2 0883ec898518 source aspect ratio default 0


333f05e8 05ff 419b 98c5 d09b07ab28e9 source aspect ratio default 0

In the case of which this media has been aware, the date of the last flight reservation with Air Europa was September 21. This would imply that the attackers have had access to the purchase data of the company’s customers for several weeks, which would skyrocket the number of those affected.

It is unusual for a company to have to ask a large number of customers to go to the extent of canceling their credit card due to a cyber attack. For this reason, many of those affected have asked the company through social networks if this communication was real. Their response is that if you have received the email, follow the recommendations because they are “the necessary measures to address [la incidencia] properly”.

According to the airline’s systems team, the attack has been directed “at the payment environment with which purchases are managed through the web. “Such fraudulent alteration of the flow in the payment process would have allowed the extraction of credit card data.” Air Europa assures that it has already found and closed the gap, so new financial data would no longer be leaking. At the same time, he emphasizes that the gap has not gone any further: “The data extracted has been exclusively that associated with the cards themselves and not with the clients.”

It is a common type of attack. “This is a form of online fraud that involves infiltrating e-commerce websites to steal customers’ credit card data while they make purchases,” explains Luis Corrons, cybersecurity expert at Avast. “The attackers insert malicious code into the website, which then captures and transmits the credit card data to a server controlled by the attackers. “This type of attack has affected numerous companies and exposed sensitive consumer data in recent years, one of the most notorious being the one suffered by another airline, British Airways,” he adds.

The company also insists that “to date there is no evidence that said data, which is not stored in our systems, has been used to commit any fraud.” In any case, cybercriminals do not have to use the stolen data immediately. The potential damage from the leak will be known in the coming days or weeks.

In addition to making unauthorized purchases, the stolen information is useful for cybercriminals to carry out impersonation attacks on banking entities. A false agent attack campaign is currently active, in which cybercriminals pose as employees of the bank of which the target is a client to try to trick them into making fraudulent transfers. “Do not provide personal information, your pin, name or any other personal data via telephone, message or email, even when they identify themselves as your bank,” Air Europa asks those affected in its email.

This type of data also acquires great value on the black market of the dark web, where third parties can buy access to it and match it with other stolen databases they may have in possession to carry out complex cyberattacks.

This is not the first time that this airline has suffered a cyber attack of this severity. In 2018, half a million of its clients saw their personal information and financial data exposed after another security breach in their systems. In that case, the Spanish Data Protection Agency ended up fining Air Europa 600,000 euros for not quickly informing those affected of the seriousness of the attack.

If you suspect that financial information or other sensitive data could be in the hands of scammers, the authorities’ recommendation is to immediately communicate what happened to the bank and report the facts to the police. The National Cybersecurity Institute has the toll-free number 017 and the WhatsApp telephone number 900 116 117 to resolve security questions. It serves citizens, companies and professionals and is confidential.

Follow the news in the new WhatsApp channel of elDiario.es with the keys of the day and the most important last hours.

Related articles

Woman would have been murdered by her romantic partner, who set her on fire...

The residents of the city ​​of Torreón, Coahulia (Mexico)are dismayed after the murder of a 19-year-old girl, after being violently attacked by her romantic...

The United Kingdom recognized the cover-up of blood contaminated with HIV and hepatitis

An investigation revealed the biggest public health scandal in the UK: the deliberate cover-up by the British authorities between 1970 and 1991 of blood...