Iberia reports a cyberattack that compromises the personal data of its customers

Iberia has confirmed that it has been the victim of a cyberattack that allowed unauthorized access to the personal data of certain customers. The company activated its response protocols and notified the incident to the Spanish Data Protection Agency while evaluating whether the intrusion originated from any of its technology providers. Although the airline maintains that its critical systems are still operational, the exposure of sensitive information once again shows how the airline industry continues to be a priority target for cybercrime.

_{What has happened?}

According to information published by Iberia, irregular access to personal data managed as part of several airline services was identified. The incident led to the immediate containment of the affected system and the activation of internal security measures to avoid a major impact. The airline has also launched an investigation to determine the exact origin of the attack and whether an external provider could be the route of entry.

‍

_{What type of information would have been compromised}

Iberia has not yet provided the full list of affected data, but it has confirmed that the breach affects personally identifiable information. Potentially exposed data could include names, email addresses, telephone numbers or contact information associated with reservations, although it is emphasized that no financial data or payment information has been compromised.

‍

_{The Role of Technology Providers}

One of the main lines of research focuses on whether the attack occurred through a technological partner that provides services to Iberia. In the aeronautical sector, external suppliers manage critical processes such as reservations, customer service, document maintenance or flight tools. A breach at any of these points can allow cybercriminals to amplify their access and obtain sensitive information without the need to directly attack the airline.

‍

_{An incident with a wide potential impact}

Although Iberia assures that operating and flight security systems have not been affected, the leak of customer personal data poses a significant reputational and legal risk. In addition, these types of incidents can open the door to targeted phishing campaigns, impersonation or fraud attempts taking advantage of user trust in the brand.

‍

_{The incident in context: an increasingly pressured sector}

The attack on Iberia is in addition to a growing trend of intrusions aimed at airlines and transport companies. Criminal groups know that these sectors handle large volumes of sensitive information, depend on external providers and have complex infrastructures, factors that increase the attack surface. For airlines, strengthening the digital supply chain has become a strategic priority.

‍

_{What we recommend from Apolo Cybersecurity}

To mitigate risks in organizations in the transportation sector—and especially in companies with multiple vendors—we recommend:

• Continuous third-party assessment (TPRM) to detect vendor vulnerabilities before they are exploited.
• Zero Trust architectures, limiting access and avoiding broad or permanent permissions.
• Periodic penetration tests, simulating attacks on internal platforms and partner systems.
• Specific protocols for sensitive data, including secure storage, encryption and access with reinforced monitoring.
• Awareness and continuous training, key to detecting anomalous activities before they escalate.

‍

_{Strengthen your digital security before the next breach}

Cyberattacks on large companies continue to grow and personal data remains the number one target.

Protecting your organization today means avoiding a crisis tomorrow. If you need to review your security or assess risks in your supply chain, we can help.