Between September 26, 2017, and October 12, 2017, at least one hacker tapped delta.com via [24]7.ai’s computers, according to Skift. Even if the carrier still does not know if a hacker misused any of its customers data, the hacker could have scraped the names, addresses, and full credit card details of up to 825,000 US customers.
The airline alleges the company had a weak password for its systems, making it too easy for an outsider to crack. The carrier wants to recover millions of dollars in costs it spent investigating the breach, notifying its customers, and paying for free credit monitoring products for affected passengers. In addition, the airline is also defending itself in consumer class action suits over the data breach.
Nevertheless, [24]7.ai kept news of the breach from the airline until March 2018. That was a month after the carrier had signed a renewal contract, the online publication adds. The delay violated the vendor’s contractual promise to let Delta know right away of any data breach.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now