Security commentators have praised Virgin America’s response and detection to a data breach.
After a security monitoring system identified unauthorised access to its corporate network, the airline alerted contractors and employees of a data breach.
According to reports, 110 employees may have had their addresses, social security numbers and driver’s licence data stolen while over 3,000 user credentials may have been compromised
According to Computer Weekly, Virgin America wrote in a staff letter: “A cyber intrusion may have resulted in the exposure of the user credentials of some employees and contractors.”
‘Providing guidance and resources for protection’
Although Alaska Airlines acquired Virgin America in a US$2.6billion deal in 2016, the breach only affected employee data on its corporate network.
“We did not identify evidence that this affected any Alaska Airlines employees or systems. Customer data for Virgin America and Alaska Airlines was not affected,” the company said in a statement sent to Computer Weekly.
“We take the protection of personal information seriously. We are in the process of notifying potentially impacted employees, contractors, and vendors about this issue and are providing them with guidance and resources to protect themselves,” the statement said.
Virgin also noted that an investigation indicated that some passwords and usernames for its corporate network might have been exposed through an IT intrusion in March 2017, and “immediate steps and measures need to be taken”.
Written by Leah Alger