Spanish airline Air Europa, the country's third-largest airline and a member of the SkyTeam alliance, warned customers on Monday to cancel their credit cards after attackers accessed their card information in a recent data breach.
"We inform you that a cybersecurity incident was recently detected in one of our systems consisting of possible unauthorized access to your bank card data," Air Europa said in emails sent to affected individuals and seen by BleepingComputer.
"We have secured our systems, guaranteeing the correct functioning of the service. Additionally, we have made the due notifications to the competent authorities and necessary entities (AEPD, INCIBE, banks, etc.)."
The credit card details exposed in the breach include card numbers, expiration dates, and the 3-digit CVV (Card Verification Value) code on the back of the payment cards.
Air Europa also warned affected customers to ask their banks to cancel their cards used on the airline's website due to "the risk of card spoofing and fraud" and "to prevent possible fraudulent use."
Customers were also advised not to provide their personal info or card PINs to anyone contacting them over the phone or via email and not to open any links in emails or messages warning them of fraudulent operations involving their cards.
