Virgin America notified its employees that its network was compromised back in March 2017. Data concerning thousands of employees and contractors was accessed by unauthorised persons.
The breach was discovered during what seems like routine security monitoring activities. According to a Virgin spokesman they ‘immediately took steps to respond to the incident’ once it had been discovered.
Mark James, ESET IT Security Specialist, explains that there are positives to be taken from this breach, but we should not forget that all data has value.
“The positive thing to take from this is that they spotted they had been hacked and have notified the affected parties, the bad of course is that hackers were able to get away with data that is unchangeable.
“As usual the obligatory line is included ‘credit card information wasn’t compromised’ and that is great news but it’s a lot easier to cancel or change a credit card than it is to change the info that was stolen.
“This includes names and addresses, Social Security numbers, and driving license data: all the types of data that have and will be used to attempt to gain more info, identity theft, or be used as a basis of trust to communicate with others.
“We tend to prioritise financial data over other stolen data because it can have an immediate affect but they are easy to change, they expire, or we replace them if we find a better company to look after our finances.
“It’s a lot harder to change the data we see stolen every day, although with that said it’s not impossible to change your social security number if you are concerned, but bear in mind changing your number is not easy, and this is not a decision to be taken lightly and how often can you do it?
“These days if you were to change your name, address and social security number every time it was hacked or stolen it would turn into a hobby rather than an odd occurrence.
“Of course if you are or have been affected by a data hack the usual procedures should be followed: keep an eye on your finances, even small out of the ordinary transactions you don’t recognise might be an indication that something is not right.
“Always be wary of emails or phone calls asking for more information. If you get one, take a few minutes to validate if it is genuine, if needed call them back using a publically advertised number and check to make sure. They want you to be safe as much as you want to be safe so they will be happy to help you validate them as a company that cares.”
Are you more concerned about financial information being leaked than other private information? Let us know on Twitter @ESETUK.
Join the ESET UK LinkedIn Group and stay up to date with the blog. If you are interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.