- Iberia disclosed a third-party breach that exposed customer names, emails, and loyalty card IDs, but not passwords or banking details.
- An advertisement on the dark web claims that 77 GB of internal Iberia technical files were stolen, raising questions about a separate attack
- The investigation is ongoing, authorities have been notified and customers are urged to remain alert for suspicious communications.
Spain’s national airline, Iberia, is notifying its customers of a third-party cyberattack and data theft incident.
In a data breach notification letter shared on social media, Iberia said that a malicious threat actor gained access to a third-party vendor, through which he managed to steal full names, email addresses, and Club Iberia loyalty card identification numbers from an undisclosed number of customers.
Passwords, as well as banking information, are apparently not compromised.
Files appear on the dark web
“As soon as we became aware of the incident, we activated our security protocol and procedures and adopted all necessary technical and organizational measures to contain, mitigate and eliminate its effects and prevent it in the future,” Iberia said, highlighting that any email address change on the Iberia website now requires prior confirmation.
The investigation continues and authorities have been notified.
The airline says there is no evidence that the stolen files were abused, but it still urges its customers to remain alert, especially for possible communication attempts.
At the same time, beepcomputer reports that someone recently posted a new ad on a dark web forum advertising 77GB of Iberia data for $150,000.
In the forum post, the threat actor claimed that the file was obtained “directly from the airline’s internal servers” and said it contained technical data on the A320/A321 aircraft, AMP maintenance files, engine information, and other internal documents.
This doesn’t line up with what Iberia said in its email, so it remains to be seen if this is the same incident or two separate attacks.
At the close of this edition, no new information has been published on the Iberia website or on its social channels.
Iberia is part of the International Airlines Group and flies to more than 130 destinations around the world.
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
