Air Europa is a Spanish airline that serves travelers from all over Europe, North America, the Caribbean, and Tunisia. The airline welcomes over 430 million fliers each year, with 10,000+ daily flights across the globe. Following a recent hack, some consumers may have had their credit card information stolen. Very little is public about the cyber incident, meaning any traveler could be at risk. 

How Did the Attack Occur? 

Air Europa has not released specific details about the data breach, but there are predictable elements. Given the type of information stolen, many suspect the breach occurred following a cyberattack on their online payment systems. This theory aligns with the data stolen but is unsubstantiated by Air Europa’s consumer impact notifications. Instead, their impact notice states that there was a cybersecurity incident, which they discovered. If the attack happened via the payment system, we suspect an injection or security vulnerability built into the payment application. 

What Information was Viewed or Stolen? 

Although many unknowns exist about this data breach, the information stolen is not. At the same time, Air Europa may not release all details about the incident based on their consumer notice. The threat actors accessed consumer credit card numbers, expiration dates, and the 3-digit card verification codes according to the notification. They stated that the assailants stole no other consumer credentials; however, the malicious actors may have also gained consumer names with card details. 

How Did Air Europa Admit to the Breach? 

Air Europa did not add the timeline of the breach to the consumer notice. Some resources purport the attack occurred as early as August 28th, without a note about when the discovery occurred; others claim the attack happened 41 days earlier (August 30th), also without word on the discovery period. The timelines are not substantiated by Air Europa, except for the subsequent consumer impact notifications sent by email on October 10th. Those who received an email from them on or around October 10th are strongly encouraged to take defensive precautions. 

What Will Become of the Stolen Information? 

Hopefully, notified consumers will act immediately and cancel the impacted credit or debit cards. As Air Europa’s notification suggests, those who do not are at risk for card spoofing and financial fraud. Additionally, impacted consumers may be at risk of hackers leveraging the information. Some impacted individuals may suffer fraudulent activity on their financial records; threat actors may ask others to pay ransoms for the security of the data. No matter how safe your details seem, those who recently traveled with Air Europa may have details in danger. 

What Should Affected Parties Do in the Aftermath of the Breach? 

Air Europa released no known number of impacted individuals; the impact number could be anything. What is known is that Air Europa has seemingly contacted impacted parties via email about their stolen details. If you have received the consumer impact notification, there is a strong chance hackers stole your information during the attack. Of course, Air Europa has stated they’ve not found evidence of misuse of the card details; however, that does not protect those who have had their details exposed. The only way to protect yourself is by canceling the impacted card and ordering financial, fraud and credit monitoring services. These are the only ways to stop or mitigate life-changing crimes before they occur.