Spanish flag carrier Iberia, part of the International Airlines Group (IAG), confirmed that some customer data linked to its loyalty programme had been compromised in a recent cybersecurity incident. The airline stated that the breach occurred through a system managed by an external service provider, not its primary operational infrastructure.

🔹 What Information May Have Been Affected

According to Iberia, the breach may have exposed customer details such as names, email addresses, phone numbers, and travel-related identifiers.
The airline clarified that passport details, payment information, and passwords were not accessed, reducing the risk of direct misuse of sensitive financial data.

🔹 No Evidence of Fraudulent Activity So Far

Despite confirming the data compromise, Iberia emphasised that no irregular or fraudulent use of the affected information has been observed to date.
The company said it is continuing to monitor systems and is working with cybersecurity experts to ensure there is no emerging threat connected to the incident.

🔹 Iberia Notifies Authorities, Begins Investigation

In compliance with European data protection regulations, Iberia has informed the Spanish Data Protection Agency and relevant cybersecurity bodies.
An internal investigation is underway, alongside cooperation with external technical teams to determine the scope, source, and impact of the breach.

🔹 Advisory to Customers: Stay Alert

While assuring customers that critical data was not exposed, Iberia encouraged affected users to:

• Monitor inboxes for suspicious emails

• Avoid clicking on unknown links

• Update passwords across platforms

• Enable two-factor authentication wherever possible

The airline also warned customers to be cautious of phishing attempts that commonly follow such incidents.

🔹 Aviation Industry Continues to Face Rising Cyber Threats

The breach comes as the global aviation sector increasingly grapples with complex cyberattacks targeting airlines, airports, and booking platforms.
With large volumes of personal data and extensive digital networks, airlines remain high-value targets for cybercriminals.