Delta Customer Payment Info Potentially Exposed in Cyberattack

Delta Customer Payment Info Potentially Exposed in Cyberattack

Delta has not said how many of its customers were involved in the breach, but Sears Holdings confirmed that as many as 100,000 customers could have been impacted.

Delta Air Lines and Sears Holdings confirmed Wednesday that a cybersecurity incident at a third-party company called 247.ai potentially left customer payment information vulnerable online between September and October of last year.

Delta said 247.ai, a chat-services provider used by Delta and other companies, informed the airline of the breach last week. The airline brought in federal law enforcement and forensic teams and confirmed that the unauthorized access to customer payment information was cut off by October.

Delta has not said how many of its customers were involved in the breach, but Sears Holdings confirmed that as many as 100,000 customers could have been impacted.

“No other customer personal information, such as passport, government ID, security or SkyMiles information was impacted,” Delta Air Lines said in a statement. “Even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers' information was actually accessed or subsequently compromised."

Delta said it will ensure customers will not be liable for misuse of their information.

Some security experts were less optimistic about their response.

“Time is a critical factor for preventing fraud whenever there is a breach of financial data,” said Craig Young, computer security researcher for Tripwire’s Vulnerability and Exposure Research Team. “Delta has assured customers that they won’t be held responsible for fraudulent charges, but it seems likely that if fraudulent charges related to this have not already been identified, there is little hope that they will ever be connected to this breach.”

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

New Products

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.