Virgin America has confirmed in a letter sent to employees that its network was compromised by hackers, with data belonging to thousands of workers compromised and possibly stolen by the attackers.
While an investigation is already under way, the airline did not provide any specifics about the hackers, saying instead that it’s working with law enforcement on determining how the breach took place.
“On March 13, 2017, during security monitoring activities, our data secure team identified potential unauthorized access to certain Virgin America computer systems. We immediately took steps to respond to the incident, including initiating our incident response protocol and taking measures to mitigate the impact to affected individuals,” the company explained in the letter.
“We retained cybersecurity forensic experts to investigate the incident and reported the matter to law enforcement. Nevertheless, it appears that a third-party may have accessed information about certain Virgin America employees and contractors without authorization.”
Alaska Air not affected
The company says that some login information and passwords might have been compromised, and instructed employees and contractors to reset their passwords.
While Virgin America hasn’t said how many employees were affected, a company spokesperson told ZDNet that 3,120 employees and contractors were impacted by the breach, with usernames and passwords stolen. Another 110 employees may have had personal details stolen, and these include names and addresses, Social Security numbers, and driving license data.