At the end of last month, Virgin America sent a letter to its employees, informing them that hackers have breached the company's systems. The letter confirms that the attackers managed to get access to the airline's network and compromise numerous employee accounts, possibly stealing personal data of workers and contractors of Virgin America. For now, no further details about who could have organized the hack have been revealed. The company only comments that it has already initiated an investigation and is working together with the law enforcement agencies to find out how the attack happened. Currently, cyber security forensic experts are investigating the incident, and more details should be announced as soon as available.
Virgin America also explains in the letter that its cyber security department detected the breach in the middle of March this year while monitoring certain activities in the airline's computer systems. As an immediate response to the accident, the company activated its incident response protocol and, at the same time, took the necessary steps to limit the impact of the attack on the affected employees. It looks like the attackers were targeting only workers and contractors of the company as no customer data was impacted.
The company claims that the hackers haven't had access to any credit card data, yet the scale of the incident still looks huge. There are no officially announced exact numbers as to how many employee accounts were compromised, though a spokesman of Virgin said in an interview that usernames and passwords of 3,120 contractors and employees might have been stolen. Further on, the attackers could have had access to the personal details of another 110 workers, the affected data including addresses, names, driving license data, and social security numbers. The immediate recommendation for all affected persons is to reset their passwords and just for safety, to monitor their bank and credit card reports for any suspicious activities.
The hacking attack takes place shortly after Virgin America was acquired by Alaska Air in 2016. However, the cyber security experts claim that only Virgin's network has been affected by the breach while its owner's systems remained completely untouched.