[24]7.ai Cyber Incident and @Delta ‘s Response

Delta has been sending out letters to inform customers that they have been notified of a security breach of [24]7.ai, the chat service they (and other companies) use. At this moment it’s unclear just how many customers were affected, but there is the potential that it could be several hundred thousand customers.

Incident Timeline from Delta.com

The good news is that no passport or government ID information was impacted, and the scope of the breach is limited to the customer payment information. The culprit seems to be malware present in [24]7.ai’s software that was present between September 26 and October 12, 2017 that allowed for unauthorized access to form-fields when manually completing a transaction on any delta.com desktop platform at the time. The specific form-fields that were targeted were: name, address, payment card number, CVV number, and expiration date. This breach was limited to the desktop platform. The FlyDelta app, mobile delta.com site, and other systems were all unaffected.

The better news is that Delta has informed us in a timely manner (they were told on March 28th, they released the response website on April 5th, and they have been sending letters to SkyMiles members since). They have also reached out to AllClearID to offer complimentary two year credit monitoring for all SkyMiles members as a precautionary measure.

AllClearID Details

As always, keep a close eye on all your credit card statements and get in touch with issuers if you see anything questionable!