The airline Air Europa has warned that "a leak of customers' personal data could have occurred" as a result of the security incident detected last October, which affected the information hosted in the airline's computer systems.
As explained in an email sent to potential affected parties, the investigation reflects that names and surnames, ID or passport, frequent flyer code, postal address, date of birth, telephone number, email address and nationality could have been leaked, although it does not mention bank details.
In October, Air Europa reported that it had suffered a cyberattack in the payment environment of its website, so it contacted some of its customers to recommend canceling the cards used and thus prevent any use of the stolen information, although it assured that it had not detected any fraud.
In its latest communication, which EFE has had access to, the company explains that "throughout the technical and cybersecurity analyses carried out within the framework of the investigations related to said incident", it has identified "subsequently irregular access" to its systems.
In any case, and for the "tranquility" of the recipients, to date there is no evidence that fraudulent use of this information has been carried out and, if it happened, "the inconveniences derived from it would be, in any case, limited".
Attention to any suspicious communication
As a prevention, the airline recalls possible prevention measures such as paying attention to any suspicious communication that comes from unreliable email addresses or that use language with grammatical and spelling errors.
Likewise, it invites users not to download or open files from unreliable sources, not to click on the links included in communications from unknown sources and not to answer suspicious messages.
Air Europa, which insists that it will never ask to share passwords or confidential information by email, suggests changing the access data to its accounts and digital profiles, at least once a year.
Faced with the complaints of travelers on social networks, the company says, in its responses, that it is working to "minimize the impact", while it continues to carry out "the implementation of prevention and security measures".