SecurityWeek

Airlines Alert Customers, Employees of Cybersecurity Incidents

Several North American airlines alerted customers and employees in the past days about various types of cybersecurity incidents, including system breaches, data leaks and credential stuffing attacks.

Virgin America said it detected unauthorized access to information systems containing employee and contractor data on March 13. According to the company, a third party accessed logins and passwords used for its corporate network.

Cybersecurity forensics experts have been called in to investigate the incident and law enforcement has been notified.

The company said roughly 3,100 employees and contractors had their login credentials compromised, and an additional 110 individuals may have had social security numbers, driver’s license or government-issued IDs, addresses, and health-related information stolen.

Canada-based WestJet Airlines told customers on Friday that an unauthorized third party disclosed some WestJet Rewards member profile data. While the leaked data did not contain any payment card or other financial information, the company has notified the Calgary Police Service and the RCMP’s cybercrime unit.

The airline is in the process of notifying affected customers, and it has advised WestJet Rewards members to change their passwords on a regular basis.

Florida-based ultra-low-cost carrier Spirit Airlines has sent an email to customers to notify them of an incident involving their FREE SPIRIT account.

The company told customers that someone published their information on a third-party website, but pointed out that the data was obtained from a prior breach unrelated to Spirit Airlines.

Spirit’s warning comes after a hacker contacted news websites, including SecurityWeek, claiming to have obtained information on 11.7 million Spirit accounts. The individual claimed to have alerted the airline of a vulnerability in its systems, and decided to put the data up for sale on the dark web after the company ignored him.

The hacker has leaked more than 10,000 records apparently belonging to Spirit customers, including names, Spirit account numbers, passwords, dates of birth, phone numbers, addresses and email addresses. However, he refused to provide the full data set or evidence of how he breached the airline’s systems.

Spirit told SecurityWeek that the hacker actually attempted to extort the company using emails and passwords obtained previously from other sources on the Internet.

Security expert Troy Hunt, the owner of the Have I Been Pwned service, told SecurityWeek that all the email addresses he tested from the leaked data show up in Exploit.in, a list of nearly 600 million email address and password combinations compiled using data stolen from various online systems.

Cybercriminals have used the Exploit.in list for credential stuffing attacks, where attackers automatically inject username/password combinations into a website’s login page in hopes that account owners have used the same credentials on multiple online services.
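
A defender-side illustration of the pattern described above, added here as an example and not part of the original article: credential stuffing shows up in login logs as one source trying many different usernames with mostly failed results, unlike a user who mistypes their own password. The log format, thresholds, IP addresses and usernames below are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real data): ISO time, source IP, username, result.
SAMPLE_LOG = """\
2024-01-01T10:00:01 203.0.113.7 alice@example.com FAIL
2024-01-01T10:00:02 203.0.113.7 bob@example.com FAIL
2024-01-01T10:00:03 203.0.113.7 carol@example.com OK
2024-01-01T10:00:04 203.0.113.7 dave@example.com FAIL
2024-01-01T10:00:05 203.0.113.7 erin@example.com FAIL
2024-01-01T10:00:06 203.0.113.7 frank@example.com FAIL
2024-01-01T10:01:00 198.51.100.20 grace@example.com FAIL
2024-01-01T10:01:20 198.51.100.20 grace@example.com FAIL
2024-01-01T10:01:45 198.51.100.20 grace@example.com OK
2024-01-01T10:02:00 192.0.2.5 heidi@example.com OK
"""

def parse(log):
    """Yield (timestamp, ip, username, success) tuples from the sample format."""
    for line in log.splitlines():
        ts, ip, user, result = line.split()
        yield datetime.fromisoformat(ts), ip, user, result == "OK"

def detect_credential_stuffing(events, window=timedelta(minutes=5),
                               min_users=5, min_fail_ratio=0.8):
    """Return {ip: usernames that logged in successfully} for suspect sources.

    A source is suspect when, inside one sliding window, it tried at least
    min_users distinct usernames and at least min_fail_ratio of tries failed.
    Successful logins from such a source are accounts to lock and reset.
    """
    recent = defaultdict(deque)   # ip -> events still inside the window
    flagged = {}                  # ip -> accounts with a successful login
    for ts, ip, user, ok in sorted(events):
        q = recent[ip]
        q.append((ts, user, ok))
        while ts - q[0][0] > window:      # drop events older than the window
            q.popleft()
        users = {u for _, u, _ in q}
        failures = sum(1 for _, _, good in q if not good)
        if len(users) >= min_users and failures / len(q) >= min_fail_ratio:
            flagged.setdefault(ip, set())
        if ip in flagged:                 # record hits from a suspect source
            flagged[ip].update(u for _, u, good in q if good)
    return flagged

if __name__ == "__main__":
    for ip, hits in detect_credential_stuffing(parse(SAMPLE_LOG)).items():
        print(ip, "likely compromised accounts:", sorted(hits))
```

The user who fails twice and then succeeds on their own account (198.51.100.20) is not flagged, because only one username is involved.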

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
