Delta Customer Payment Info Potentially Exposed in Cyberattack

Delta Customer Payment Info Potentially Exposed in Cyberattack

Delta has not said how many of its customers were involved in the breach, but Sears Holdings confirmed that as many as 100,000 customers could have been impacted.

Delta Air Lines and Sears Holdings confirmed Wednesday that a cybersecurity incident at a third-party company called 247.ai potentially left customer payment information vulnerable online between September and October of last year.

Delta said 247.ai, a chat-services provider used by Delta and other companies, informed the airline of the breach last week. The airline brought in federal law enforcement and forensic teams and confirmed that the unauthorized access to customer payment information was cut off by October.

Delta has not said how many of its customers were involved in the breach, but Sears Holdings confirmed that as many as 100,000 customers could have been impacted.

“No other customer personal information, such as passport, government ID, security or SkyMiles information was impacted,” Delta Air Lines said in a statement. “Even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers' information was actually accessed or subsequently compromised."

Delta said it will ensure customers will not be liable for misuse of their information.

Some security experts were less optimistic about their response.

“Time is a critical factor for preventing fraud whenever there is a breach of financial data,” said Craig Young, computer security researcher for Tripwire’s Vulnerability and Exposure Research Team. “Delta has assured customers that they won’t be held responsible for fraudulent charges, but it seems likely that if fraudulent charges related to this have not already been identified, there is little hope that they will ever be connected to this breach.”

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

Featured Cybersecurity

Webinars

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3