This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. For an explanation of our Advertising Policy, visit this page.
Delta Airlines released a statement Wednesday confirming that it had been the victim of a massive cyber attack.
Delta was notified by 7.ai, a company that provided online chat services for the airline, that it had been hacked and that “certain customer payment information for 7.ai clients, including Delta, may have been accessed.”
Delta said that several hundred thousand people could potentially be affected by the breach. Malware was found in 7.ai’s software that attempted to access Delta customers’ credit card information.
“At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers’ information was actually accessed or subsequently compromised,” Delta said.
Delta was notified about the incident on March 28. The hack itself occurred over a period of a couple weeks in the fall of 2017, beginning on September 26 and ending October 12, 2017.
The hack appeared to only affect customers who entered their credit card information manually:
There was no impact to the Fly Delta app, mobile delta.com or any other Delta computer system. Payment card information for those customers who used Delta Wallet to complete transactions was not compromised. The malware could only collect the information shown on the screen, so credit card information automatically populated by Delta Wallet functionality would have remained masked and not useable.
Stolen information potentially includes customers’ names, addresses, payment card numbers, CVV numbers and expiration dates. Fortunately, other personal details like passport, government ID, security or SkyMiles information was not affected.
The airline is working with federal law enforcement and forensic teams to investigate the security breach. It’s also launched a dedicated webpage to provide updates on the situation. Delta said it will notify customers who they think may have had their information stolen, adding that the company will ensure its customers are not responsible for any fraudulent activity and will also provide free credit monitoring to those affected.
“We have notified law enforcement and are cooperating fully to ensure the protection of our clients and their customers’ online safety,” 7.ai said in a separate statement. “We are confident that the platform is secure.”
Know before you go.
News and deals straight to your inbox every day.
NEW INCREASED OFFER: 60,000 Points
TPG'S BONUS VALUATION*: $1,200
CARD HIGHLIGHTS: 2X points on all travel and dining, points transferrable to over a dozen travel partners
*Bonus value is an estimated value calculated by TPG and not the card issuer. View our latest valuations here.
- Earn 60,000 bonus points after you spend $4,000 on purchases in the first 3 months from account opening. That's $750 toward travel when you redeem through Chase Ultimate Rewards®
- Chase Sapphire Preferred named "Best Credit Card for Flexible Travel Redemption" - Kiplinger's Personal Finance, June 2018
- 2X points on travel and dining at restaurants worldwide & 1 point per dollar spent on all other purchases.
- No foreign transaction fees
- 1:1 point transfer to leading airline and hotel loyalty programs
- Get 25% more value when you redeem for airfare, hotels, car rentals and cruises through Chase Ultimate Rewards. For example, 60,000 points are worth $750 toward travel
- No blackout dates or travel restrictions - as long as there's a seat on the flight, you can book it through Chase Ultimate Rewards