Data breach may have exposed Delta customer payment information

|
Data breach may have exposed Delta customer payment information
Image Credit: Dreamstime
Team Clark is adamant that we will never write content influenced by or paid for by an advertiser. To support our work, we do make money from some links to companies and deals on our site. Learn more about our guarantee here.
Advertisement

Delta Air Lines says some customer payment information may have been exposed in a data breach.

In a news release, Delta said it was notified by [24]7.ai, a company that provides online chat services for the airline and many other companies, that [24]7.ai had been involved in a cyber incident.

The incident occurred from September 26 to October 12, 2017, but Delta was just informed of the matter last week.

RELATED: Panera Bread data breach: Here’s what we know

What you need to know about the data breach involving Delta customer payment information 

“At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers’ information was actually accessed or subsequently compromised,” Delta said in the statement.

Only customer payment information may have been accessed. No passport, government ID, security or SkyMiles information was impacted.

Delta said customers who may have been affected by the [24]7.ai cyber incident will be contacted directly. The airline added that it will ensure its customers aren’t responsible for any fraudulent use of payment cards connected to this incident.

You can go to delta.com/response starting at noon on Thursday, April 5 to get updates on the situation.

Meanwhile, Reuters reports that this same data breach exposed credit card information of under 100,000 Sears and Kmart customers. The retailer is another one of [24]7.ai’s clients.

Delta statement

Last week, on March 28, Delta was notified by [24]7.ai, a company that provides online chat services for Delta and many other companies, that [24]7.ai had been involved in a cyber incident. It is our understanding that the incident occurred at [24]7.ai from Sept. 26 to Oct. 12, 2017, and that during this time certain customer payment information for [24]7.ai clients, including Delta, may have been accessed – but no other customer personal information, such as passport, government ID, security or SkyMiles information was impacted.

Upon being notified of [24]7.ai’s incident, Delta immediately began working with [24]7.ai to understand any potential impact the incident had on Delta customers, delta.com, or any Delta computer system. We also engaged federal law enforcement and forensic teams, and have confirmed that the incident was resolved by [24]7.ai last October. At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers’ information was actually accessed or subsequently compromised.

We appreciate and understand that this information is concerning to our customers. The security and confidentiality of our customers’ information is of critical importance to us and a responsibility we take extremely seriously. Delta will launch delta.com/response, a dedicated website, noon ET April 5, which we will update regularly to address customer questions and concerns. We will also directly contact customers who may have been impacted by the [24]7.ai cyber incident. In the event any of our customers’ payment cards were used fraudulently as a result of the [24]7.ai cyber incident, we will ensure our customers are not responsible for that activity.

[24]7.ai statement

[24]7.ai discovered and contained an incident potentially affecting the online customer payment information of a small number of our client companies, and affected clients have been notified. The incident began on Sept. 26, and was discovered and contained on Oct. 12, 2017. We have notified law enforcement and are cooperating fully to ensure the protection of our clients and their customers’ online safety. We are confident that the platform is secure, and we are working diligently with our clients to determine if any of their customer information was accessed.

How to protect yourself from a data breach

With so many data breaches in the news recently, you may be wondering how to protect yourself. Money expert Clark Howard recommends taking these two steps to safeguard your personal information:

1. Sign up for a free credit monitoring service

First, sign up for free credit monitoring at CreditKarma.com or CreditSesame.com Both of these services track suspicious activity on your account and suggest ways to keep your credit data safe.

2. Freeze your credit with Equifax, TransUnion and Experian

If you want the peace of mind knowing that no one can take out a new line of credit in your name, freeze your credit. Clark says that he froze his credit more than a decade ago and that it’s really simple to temporarily lift the freeze if you need to. Get started with his step-by-step Credit Freeze Guide.

Advertisement
Michael Timmermann paid off his mortgage in two years. Now, he shares his money-saving tips on his blog, Save on Almost Everything.
View More Articles
  • Show Comments Hide Comments