(Reuters) – Spanish airline Air Europa said on Friday personal data of its customers may have been compromised in a security incident that was detected in October last year.
The company’s investigation showed that name, ID card or passport details, date of birth, telephone number, email address and nationality details could have been leaked, Air Europa told its customers in an email that was seen by Reuters.
Air Europa said the company immediately reported the situation to the authorities and costumers so they could take precautions.
“Air Europa continues to implement preventative measures in what is an ongoing process of security innovation given increasing incidents,” it said.
The Wall Street Journal first reported the news, but cited the statement to International Consolidated Airlines Group (IAG).
IAG, which has a 20% stake in Air Europa, told Reuters that it “would never email (Air Europa’s) customers directly”.
Madrid-based Air Europa in October suffered a cyber attack on its online payment system that left some of its customers’ credit card details exposed.
The carrier at the time said no other information was exposed without specifying the number of customers affected.
Last year, IAG agreed to pay 400 million euros ($434 million) to Spain’s Globalia for the remaining 80% of airline Air Europa it did not already own. The deal has not closed, as it is being examined by competition regulators.
($1 = 0.9206 euros)
(Reporting by Chandni Shah in Bengaluru; Editing by Saumyadeb Chakrabarty and Mark Potter)