0
(Image: file photo)
A hacker broke into Virgin America’s corporate network earlier this year, the company has confirmed.
The airline said in a letter to employees, published Thursday, that the hacker had “gained unauthorized access to certain Virgin America information systems containing your data” on March 13.
The hacker “gained access to… login information and passwords” that employees use to access Virgin America’s corporate network.
A spokesperson confirmed that 3,120 employees and contractors had their login information compromised, while 110 additional employees may have had personal information stolen, such as addresses, social security numbers, details of government-issued IDs (such as driving licenses), and health-related information.
But it’s not known how the hacker gained access to Virgin America’s network.
A person who used to work for the airline told ZDNet that the company hosted its email with Google and requires employees to use two-factor authentication, which suggests that the hacker likely did not use usernames and passwords that might have been stolen or exposed from another breach. The use of two-factor authentication on the network would also prevent the hacker from using credentials from an account with higher privileges, such as system administrators, to access further systems and databases.
The company’s security team said in the letter that it identified the unauthorized access and mitigated the hacker’s access.
Employees and contractors were forced to change their passwords. The airline also said it consulted an unnamed cybersecurity firm and informed law enforcement of the breach.
Virgin America was acquired by Alaska Air for $2.6 billion last year. The airline, founded by Richard Branson in 2004, will retire its branding by 2018.
“Customer data for Virgin America and Alaska Airlines was not impacted,” a spokesperson said.
The breach is unrelated to a recent breach of Sabre systems, a reservation software company that revealed it had been attacked earlier this year.
The company’s software is used by hundreds of airlines, including Virgin America, and thousands of hotels to manage passenger and guest reservations, revenue management, and human resources. Several major companies — including Google, Hard Rock Hotels, Loews, and some Trump properties — have revealed that they had data stolen as a result of the Sabre breach.
Contact me securely
Zack Whittaker can be reached securely on Signal and WhatsApp at 646-755–8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.
ZDNET INVESTIGATIONS
Leaked TSA documents reveal New York airport’s wave of security lapses
US government pushed tech firms to hand over source code
At the US border: Discriminated, detained, searched, interrogated
Millions of Verizon customer records exposed in security lapse
Meet the shadowy tech brokers that deliver your data to the NSA
Inside the global terror watchlist that secretly shadows millions
FCC chairman voted to sell your browsing history — so we asked to see his
With a single wiretap order, US authorities listened in on 3.3 million phone calls
198 million Americans hit by ‘largest ever’ voter records leak
Britain has passed the ‘most extreme surveillance law ever passed in a democracy’
Microsoft says ‘no known ransomware’ runs on Windows 10 S — so we tried to hack it
Leaked document reveals UK plans for wider internet surveillance
0