ATLANTA - Several hundred thousand Delta Air Lines customers may have been exposed to a malware attack on a company the airline uses for online chat services.
"While we believe we have identified with some precision the transactions that could have been impacted, we cannot say definitively whether any of our customers’ information was actually accessed or subsequently compromised," the airline said Thursday.
There was no impact to the Fly Delta app, mobile delta.com or any other Delta computer system, and the company said payment information for Delta Wallet customers wasn't compromised.
The company hasn't provided details of how the cybercriminals got in or who breached them, but one cybersecurity expert said if your information was accessed, it was likely just credit card information and not driver’s licenses or Social Security information.
"Usually credit card companies are really good about this," said Alex DeFreese, senior security analyst at Bishop Fox. "They alert you as soon as a purchase is made and even if it does go through, you can be refunded that money."
Also on Thursday, Delta launched a website to answer its customers' questions and concerns about the attack, which can be found by clicking here.
On Wednesday, Delta said it was informed on March 28 that 7.ai, a San Jose, Calif.-based company, had been involved in a "cyber incident." Certain customer payment information for the company's clients, including Delta, may have been accessed between Sept. 26-Oct. 12, 2017.
Delta said it immediately began working to determine what impact the breach may have had on its customers, delta.com, and its computer systems. It also contacted federal law enforcement and confirmed the incident was contained by Oct. 12.
7.ai said it is cooperating with law enforcement.
"We are confident that the platform is secure, and we are working diligently with our clients to determine if any of their customer information was accessed," the company said.