- Delta Air Lines says “several hundred thousand” customers may have had their payment information compromised.
- The incident is the result of malware found on software belonging to webchat provider 7.ai.
- Delta will ensure that customers are not responsible for fraudulent card activity resulting from the incident.
Delta Air Lines confirmed on Wednesday that payment information belonging to its customers may have been compromised after a cyber attack on third-party chat service used by the airline.
According to Delta, “several hundred thousand” customers may have had their names, addresses, and payment card information exposed.
On March 28, Delta was notified by chat service provider 7.ai that it malware was present in its software between September 26 and October 17, 2017. In a statement, Delta says it has “engaged federal law enforcement and forensic teams, and have confirmed that the incident was resolved by 7.ai last October.”
“At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers’ information was actually accessed or subsequently compromised,” the airline’s statement went on to say.
Delta also clarified that the FlyDelta app and mobile Delta.com have not been affected by the breach.
According to Delta, no additional data such as passport, government ID, and Skymiles information have been compromised.
“Should customers’ payment cards be found to have been used fraudulently as a result of the 7.ai cyber incident, we will ensure our customers are not responsible for that activity,” Delta said.
The airline is also offering affected customers free credit monitoring services.
Customers can find additional information about the incident on www.delta.com/response.