Cyberattack on Iberia exposes customer information

Iberia has become the newest airline hit by a cyberattack.

Over the weekend, the Spanish carrier notified customers by email that a system managed by one of its tech contractors had been breached.

The airline said that names, email addresses, and loyalty program numbers may have been exposed, but no passwords or payment details were accessed.

"As soon as we became aware of the incident, we activated our security protocol and procedures and implemented all necessary technical and organizational measures to contain it, mitigate its effects, and prevent its recurrence," states the security notice, which was mailed out in Spanish.

Iberia says it has strengthened security measures for the email addresses tied to customer accounts, now requiring a verification code before any updates can be made.

READ MORE: “Containment is complete”: WestJet posts update on cybersecurity incident

The airline adds that it is actively watching its systems for any unusual activity. Authorities have been informed, and the investigation is continuing in collaboration with the affected supplier.

"As of the date of this communication, we have no evidence of any fraudulent use of this data. In any case, we recommend that you pay attention to any suspicious communications you may receive to avoid any potential problems they may cause. We encourage you to report any anomalous or suspicious activity you detect to our call centre by calling the following telephone number: +34 900111500," continues the email.

Attack on aviation

The news comes as a known cybercriminal group turns its focus to aviation, successfully infiltrating the computer systems of several airlines in the U.S. and Canada, according to the FBI.

The Iberia data breach follows cyberattacks of Qantas, Hawaiian, WestJet, Air France-KLM and Aeroflot this past summer.

While the breaches haven’t compromised flight safety, they have put top cybersecurity leaders at airlines on high alert.

As previously reported, these attacks are believed to be the work of “Scattered Spider,” a group of young hackers known for tactics aimed at extorting or humiliating their targets.

The hackers target big companies and their IT contractors, “which means anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk,” the FBI said in a statement that named Scattered Spider as the perpetrator of the airline hacks.

“Once inside (a victim’s network), Scattered Spider actors steal sensitive data for extortion and often deploy ransomware.”

The FBI said it “is actively working with aviation and industry partners to address this activity and assist victims.”

Don't miss a single travel story: subscribe to PAX today!  Click here to follow PAX on Facebook.