Book RotanaGreat Hoteliers Offers from Rotana Hotels

E-distributions and revenue management in hospitality

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Team Blogs
    Team Blogs Find your favorite team blogs here.
  • Login
    Login Login form
09
Apr

Delta Air Lines’ chat vendor discloses 6-month-old data breach

Posted by on in Industry News
  • Font size: Larger Smaller
  • Hits: 95
  • Print

The payment data of a “small subset” of Delta Air Lines customers may have been exposed when [24]7.ai, the vendor of the airline’s chat function, was hacked.

The incident occurred between Sept 26 and Oct. 12, 2017, but [24]7.ai did not inform Delta until March 28.

In turn, Delta made the incident public a week later.

Delta would not comment on the reasons for the timing of either disclosure, but it offered a timeline of related events on its website.

On Oct. 12, [24}7.ai discovered and contained the breach, which affected only payment data of customers who used Delta’s chat function on either its website or mobile app.

Other personal data, such as passwords or Social Security numbers, were not exposed.

During the following months, the San Jose, Calif., vendor worked with law enforcement to investigate the cause of the breach.

When Delta learned of the incident in March, it began working with [24}7.ai to gauge any potential impact the incident had on its customers or systems.

“We also engaged federal law enforcement and forensic teams, and have confirmed that the incident was resolved by [24]7.ai last October.”

Delta said it could not confirm whether any customer data were, in fact, exposed in the hack.

Out of an “abundance of caution,” however, it shut down the chat function and offered free protection services to customers who feel they may be at risk.

That and other information is available at a dedicated website here.

Sears and Best Buy say their customers may also have been affected.

Bills to require companies to disclose data breaches within in a certain time have been introduced in the US Congress from time to time, but the efforts – generally backed by Democrats – have stalled.

Several states, however, have passed laws requiring timely disclosure.

Florida allows companies to report within 30 days, the tightest window.

Under the European Union’s General Data Protection Regulation (GDPR), which goes into effect on May 25, companies will have 72 hours to disclose data breaches.

Henry Harteveldt, chief analyst at Atmosphere Research in San Francisco, said companies need to pay close attention to the laws governing disclosures.

“You don’t have four or five months to report these things. In this digitally based commercial environment, you won’t have four or days.”

Original author: Michele McDonald
©tnooz.com
Rate this blog entry:
0

Comments

Must-see Stuff

Your Name:
Your Email:

The Rotana Magazine June 2013
Industry News
Rate this blog entry:
6
Rotana.com
Rotana Mobile App enables browsing and booking on the go
Industry News
Rate this blog entry:
7
Abu Dhabi connects the tech, Gulf Air flight plans, and more…
Industry News
Rate this blog entry:
0
Holidayen - Tnooz TLabs - 1
Holidayen wants to get up close and personal with trip itineraries
Industry News
Rate this blog entry:
3
thesearchagency 1
How well do 100 major accommodation and destination websites perform on mobile?
Industry News
Rate this blog entry:
0
Go to top