Cybersecurity

Iberia Discloses Customer Data Leak After Vendor Security Breach

2025-11-23 0 views admin
Iberia Discloses Customer Data Leak After Vendor Security Breach

Spanish flag carrier Iberia has begun notifying customers of a data security incident stemming from a compromise at one of its suppliers.

The disclosure comes days after a threat actor claimed on hacker forums to have access to 77 GB of data allegedly stolen from the airline.

Iberia, Spain's largest airline and part of IAG (International Airlines Group), says unauthorized access to a supplier's systems resulted in the exposure of certain customer information.

According to an email seen by threat intelligence platform Hackmanac, the compromised data may include:

The airline says customers' Iberia account login credentials and passwords were not compromised, nor was any banking or payment card information accessed.

"As soon as we became aware of the incident, we activated our security protocol and procedures and implemented all necessary technical and organizational measures to contain it, mitigate its effects, and prevent its recurrence," states the security notice mailed out in Spanish.

Iberia says it has added additional protections around the email address linked to customer accounts, now requiring a verification code before any changes can be made.

The airline is also monitoring its systems for suspicious activity. Relevant authorities have been notified, and the investigation remains ongoing in coordination with the involved supplier.

"As of the date of this communication, we have no evidence of any fraudulent use of this data. In any case, we recommend that you pay attention to any suspicious communications you may receive to avoid any potential problems they may cause. We encourage you to report any anomalous or suspicious activity you detect to our call center by calling the following telephone number: +34 900111500," continues the email.

The timing of the disclosure is noteworthy, as it follows a claim made roughly a week ago by a threat actor online that they had access to 77 GB of purported Iberia data and were attempting to sell it for $150,000.

Source: BleepingComputer

🏷️ Tags

securityhackbreachthreat

More from Cybersecurity

Update: Attackers Exploit Zero-day In End-of-life D-link Routers 2026

Update: Attackers Exploit Zero-day In End-of-life D-link Routers 2026

2026-01-07 0
Critical Jspdf Flaw Lets Hackers Steal Secrets Via Generated Pdfs - Complete Guide

Critical Jspdf Flaw Lets Hackers Steal Secrets Via Generated Pdfs - Complete Guide

2026-01-07 0
Phishers Exploit Office 365 Users Who Let Their Guard Down 2026 - Analysis

Phishers Exploit Office 365 Users Who Let Their Guard Down 2026 - Analysis

2026-01-07 0
Breaking: Logitech Options+, G Hub Macos Apps Break After Certificate Expires

Breaking: Logitech Options+, G Hub Macos Apps Break After Certificate Expires

2026-01-07 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views