On October 11, we informed you of a cyberattack at Air Europa:
It could be Russian hackers
The cyberattack on Air Europa was allegedly carried out by hackers of Russian origin who penetrated the airline’s servers at the Mallorca headquarters, reports the Spanish newspaper Mallorca Diary, citing internal sources. Around 100,000 bank cards are affected.
We now know that the airline only sent a message to customers on October 10 to inform them that their payment data could have been accessed during the cyberattack. But the cyberattack would have taken place exactly a few days before: according to Diario de Mallorca, the attack occurred between September 26 and 29, and the airline delayed too long in making the information public.
Is it enough to block your debit or credit card??
After the attack was revealed, the airline asked its customers to block their credit cards, but the information exposed in the hack included the customer’s credit card numbers, expiration dates and CCV codes , although storing CCV codes is against Payment Card Industry Data Security Standard (PCI DSS) regulations.
Air Europa now faces a fine following the storage of CCV codes. Another cyberattack occurred in 2018 and affected 500,000 customers. At the time, Air Europa was fined for failing to inform its customers.