Hacking of Virgin America Network Affects Employees and Contractors

Media Division | August 2, 2017

All types of digital assets and information can be extremely vulnerable as a result of even the smallest security hole. Even something as simple as an incorrect setting can result in an organization suffering a huge breach or cyber attack. This is why it is so vital and necessary that organizations are extremely meticulous when it comes to their cyber security, as anything less can be highly detrimental to them. There are numerous examples of this that prove the point, even with very large businesses ending up hit by terrible cyber incidents. In fact, the well-known airline Virgin America recently suffered a breach that resulted in the exposure of employee and contractor information.

Details of the Cyber Attack

According to a letter from the airline to their employees, they had discovered potential unauthorized access to some Virgin computer systems on March 13th during security monitoring activities. They said that the hackers were able to gain access to the employee’s passwords and login data for the corporate Virgin America network. A spokesperson had said that 3,120 contractors and employees had the above information compromised, while the personal data of another 110 may have been affected as well, including health related data, addresses, Social Security numbers, and government issued ID details. It is not known how the hackers were able to gain access to the network. According to a former employee in a statement to ZDnet, the company email is hosted with Gmail and requires two-factor authorization, which would make it extremely difficult for the hacker to actually use any of the stolen login data. As a side note, Virgin said that no customer data was affected in the attack.

Upon discovering the unauthorized access, the security team had immediately begun their incident response protocol to mitigate it, and the affected employees and contractors were forced to change their passwords. They also said that they have recruited cyber forensics experts to investigate the breach, as well as informed law enforcement. They have begun remediative actions on their systems and notified those affected. Also included in the letter were some steps that employees could take regarding the incident, such as monitoring their bank statements and credit reports for any suspicious activity. Virgin said that they are working to enhance their security and privacy practices to better prevent these types of incidents in the future. There does not appear to be any reports of Virgin offering credit monitoring or identity theft protection services for employees that had their Social Security numbers stolen, as this is a common action taken by organizations.

Using Cyber Investigation Services to Uncover the Details of a Breach

With incidents like this, it is extremely critical that organizations immediately begin a comprehensive investigation to discover the full extent of the breach. There can be numerous different factors to explore in a breach, and if a full investigation is not completed, remediation efforts may miss vital aspects. Some organizations may not have the resources to complete a meticulous investigation, in which case, they should recruit professional outside help, such as in the above scenario. It is a much better idea to enlist extra hands when needed, as a poorly done investigation could leave threats or security holes within the system. An investigation will ideally be able to determine what was affected, how badly it was affected, the vulnerability that allowed it, and the perpetrator in some cases so that further action can be taken against them. Massive Alliance can provide comprehensive cyber investigation services to help an organization fully address a breach.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.