Delta Air Lines has revealed that some of its customers’ payment information may have been compromised by a cyber attack at its online chat services provider.
Delta was notified last week that its supplier, 7.ai, had been involved in a ‘cyber incident’ from 26 September to 12 October last year, during which time customer payment details may have been accessed.
The airline says no other information, such as passport numbers, government ID, security or Skymiles details, was compromised by the attack.
Upon being notified, Delta said it began working with 7.ai to determine the scope of the attack. Although the chat services provider confirmed that it had resolved the incident in October, neither company can definitively answer whether customers’ information was actually accessed.
The carrier said in a statement: “We appreciate and understand that this information is concerning to our customers. The security and confidentiality of our customers’ information is of critical importance to us and a responsibility we take extremely seriously. We will directly contact customers who may have been impact by the 7.ai cyber incident. In the event any of our customers’ payment cards were used fraudulently as a result of the 7.ai cyber incident, we will ensure our customers are not responsible for that activity.”
A statement by 7.ai said: “We have notified law enforcement and are cooperating fully to ensure the protection of our clients and their customers’ online safety. We are confident that the platform is secure, and we are working diligently with our clients to determine if any of their customer information was accessed.”