Virgin America has alerted employees and contractors to a potential data breach after its security monitoring systems identified unauthorised access to it corporate network.
The airline said in a letter to staff that a cyber intrusion may have resulted in the exposure of the user credentials of some employees and contractors.
Virgin America said it had initiated its incident response plan and taken immediate steps to respond to the intrusion, including taking measures to mitigate the impact to affected individuals.
The company said it had also engaged cyber security experts to investigate, notified law enforcement, and told employees and contractors to reset passwords.
Virgin America said it has changed our password policies in response to the incident, and will now require employees and contractors to change their passwords every 90 days.
According to reports, just over 3,000 user credentials may have been compromised, while 110 employees may have had their addresses, social security numbers and driver’s licence data stolen.
Although financial information is not believed to have been affected, Virgin America has advised staff to check bank and credit card statements and credit reports for unauthorised activity.