Delta Air Lines Announces Potential Breach of Customer Payment Data
The incident reportedly occurred from September 26 to October 12, 2017, though actual impact unknown
Delta Air Lines says that it was notified on March 28, 2018 by a company that provides online chat services for the airline, 7.ai, that some Delta customer payment data may have been exposed in a cyber incident.
The incident reportedly occurred from September 26, 2017 to October 12, 2017. During this time, certain customer payment information for 7.ai clients, including Delta, may have been accessed by an unauthorized source.
Only Payment info affected
According to Delta, only payment information for a small subset of its customers would have been exposed. No other customer personal information, such as passport, government ID, security, or SkyMiles information, was impacted.
After being notified of the incident, Delta says that it immediately began working with 7.ai to understand any potential impact on Delta customers, delta.com, or any Delta computer system.
Incident resolved, Though Impact Unknown
While federal law enforcement and forensic teams have confirmed that the incident was resolved by 7.ai last October, Delta says that it cannot say definitively whether any of its customers' information was actually accessed or subsequently compromised.
"We appreciate and understand that this information is concerning to our customers," Delta said in a released statement. "The security and confidentiality of our customers' information is of critical importance to us and a responsibility we take extremely seriously."
What is Delta Doing?
Delta has launched a dedicated website, delta.com/response, to regularly update customers about this situation and address other questions and concerns. The airline will also directly contact any customers who may have been impacted by the 7.ai cyber incident.
In the event that any Delta customers' payment cards were used fraudulently as a result of this incident, the airline says that it will ensure that no customer is held responsible for that activity.