In view of the cyber-attack that Air Europa has suffered, which has affected its payment system used to manage ticket purchases through the web, financial institutions in Mallorca are receiving a flood of queries on Tuesday to find out how to proceed with their bank cards.
First, bank managers warn, if when you bought a ticket with the airline you did not save your card details in the Air Europa system, you would not have been affected the cybersecurity problem.
The airline emphasizes that if the customer has not received the email in which Air Europa warns of the cyber attack, there is no need to worry. In addition, they emphasize that the breach is already solved and the company of the Globalia group is not aware of any fraudulent operation, i.e. no payments have been charged to those affected.
In any case, the recommendation of the bank managers is to be alert in the coming days to prevent in the event that hackers try to make fraudulent charges on the cards of Air Europa customers.
This is not the first time that the airline has faced a similar problem. November 2018 air Europa customers after making ticket purchases with their bank cardss customers were found to have been charged fraudulent which led them to cancel them. At the time Globalia’s airline declined to make a statement, the complaint came from financial institutions that alerted their own customers.
This is what this attack was like
Air Europa explains that its Systems team confirmed the existence of a cybersecurity problem that would have affected the payment environment with which purchases are managed through the website. This fraudulent alteration of the flow in the payment process would have allowed the extraction of credit card data. There is no evidence that the leak was ultimately used to commit fraud, they say.
“The detection and rapid intervention of the team for the application of the protocol established in our response plan has allowed us to block the security breach and prevent the leakage of new data,” it is stated. However, the airline’s IT experts are still analyzing what happened, such as the origin of the attack or the use of the stolen information. They insist that “to date there is no evidence that this data, which is not stored in our systems, has been used to commit fraud.
Back to normality
“The data extracted have been exclusively those associated with the cards themselves and not the customers. In no case have the cybercriminals accessed other Air Europa databases or extracted any other type of personal information from customers,” it is stressed.
As it proceeds in these cases of cybercrime, Air Europa has notified “in due time and form the Spanish Data Protection Agency, the National Institute of Cybersecurity (Incibe) and the State Aviation Safety Agency (Aesa) of the facts” and also to the financial institutions. And also to the affected customers, who have received an email with recommendations to follow in order to minimize any incident.
Air Europa confirms that “at this momentall our systems are operating normally and we can guarantee the security of operations.
For the full article, please visit Diario de Ibiza website here.