Delta Air Lines said Tuesday that a cyber security breach involving an online chat service it uses put some customer payment information at risk.
Atlanta-based Delta said it was notified of the "cyber incident" March 28 by online chat service provider [24]7.ai. From Sept. 26 to Oct. 12, 2017, "certain customer payment information" for clients of the online chat service including Delta may have been accessed.
The airline said it will contact customers who may have been affected by the cyber incident. "In the event any of our customers' payment cards were used fraudulently as a result of the [24]7.ai cyber incident, we will ensure our customers are not responsible for that activity," Delta said in a written statment.
The airline will also launch a website by noon April 5 at delta.com/response to address customer questions and concerns.
Delta said no other customer personal information such as passport, government ID, security or SkyMiles information was affected.
The airline said it “engaged federal law enforcement and forensics teams.”
“At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers' information was actually accessed or subsequently compromised,” Delta said in a written statement.
[24]7.ai issued a statement saying that the incident affected “a small number of our client companies,” and it has notified affected clients.