Last week we explained in our article how unauthorized access to Iberia customer information had occurred through an external provider. Now the situation has evolved: the cybercriminal group Everest has demanded 5.18 million euros in order not to disclose the stolen data, which includes personal information of customers and external contacts. Although flight systems continue to operate normally, this incident once again highlights the vulnerability of digital supply chains and the importance of strengthening cybersecurity in suppliers and partner platforms.

Iberia reports a cyberattack that compromises the personal data of its customers

Case updates

  • The attackers accessed a communication repository managed by a third party, instead of attacking Iberia's core systems.
  • The Everest group claims to have stolen approximately 596 GB of internal data and to be able to view and edit customer reservations.
  • The group demands a payment of 6 million dollars (about 5.18 million euros) in exchange for not disclosing the stolen information.

Compromised Information

The company indicates that the breached data could include:

  • First and Last Name
  • E-mails
  • Telephone numbers
  • Iberia Club membership numbers
  • Reservation codes for future flights

Iberia assures that no financial data or passwords have been affected and that the stolen information is limited, but the risk of misuse persists.

Impact and potential risks

Stolen information could be used to carry out targeted phishing campaigns or impersonation, while the manipulation of reservations could lead to fraud or BEC (Business Email Compromise) attacks. The ransom demand shows how cybercriminals seek to exert economic pressure on the company, and the reputational and legal damage can be significant, especially if the data were to be publicly disclosed.

What Iberia has done

Iberia has taken immediate steps to mitigate the impact of the incident, including reporting the cyberattack to the UCO, the Spanish Data Protection Agency (AEPD) and INCIBE. In addition, it has reinforced the security of its systems, implementing two-step authentication (2FA), and it has contacted potentially affected customers, enabling a free support channel to address any related incident.

Apolo Cybersecurity Recommendations

For companies with external vendors and critical operations, we recommend:

  • Implement a robust third-party risk management (TPRM) program.
  • Adopt Zero Trust architectures without implicit trust in external systems.
  • Apply multifactor authentication to critical services.
  • Perform regular audits and penetration tests in your own and your vendors' environments.
  • Have clear and coordinated incident response protocols.
  • Train staff in phishing, ransomware and digital extortion.

Strengthen your organization before the next leak

Don't wait for an attacker to decide for you. At Apolo Cybersecurity, we help audit your supply chain, reinforce your digital architecture and train your team to prevent attacks before they escalate. Acting today is the best defense against threats such as those suffered by Iberia.
