Air Europa, one of the largest airlines in Spain, is urging certain customers to cancel their payment cards due to a potential compromise of their information resulting from a recent hack.
The airline has notified affected customers that it has detected unauthorized access to a system containing payment card data. Hackers may have obtained partial credit card numbers, expiration dates, and CVV codes, but no other information appears to have been compromised. Recipients of Air Europa’s email notifications are advised to identify payment cards used on the airline’s website, contact the associated bank, and request cancellation of the card. They are also advised to remain vigilant for any suspicious phone calls, emails, or messages.
The number of affected individuals is unknown, but the company has informed relevant authorities. It is not uncommon for airlines to be targeted by ransomware groups seeking to steal sensitive information from compromised systems. In this case, it is possible that cybercriminals targeted Air Europa’s payment systems to sell credit and debit card data on dark web marketplaces.