Everest claims Travel Club, Spain’s largest coalition loyalty program


Air Miles España, the company that operates Travel Club, a well-known coalition loyalty platform, has reportedly fallen victim to a ransomware attack by the Everest group.

Key takeaways:

The attackers claim to have exfiltrated 131GB of data, including millions of customer records such as names, emails, account IDs, demographics, activity data, and marketing information.


The Everest ransomware gang demands that the victim pay the ransom. As of Tuesday morning, there were six days left for Air Miles España to respond one way or another.

Early indicators suggest that attackers exfiltrated confidential information before encrypting internal systems, a pattern consistent with Everest’s double extortion model.

According to Cybernews researchers, samples provided in the post on the dark web leak portal are screenshots of a CSV document with full customer names, emails, and loyalty program data.


Everest’s claims haven’t yet been publicly confirmed by the company, but historical patterns suggest high accuracy as the gang typically lists organizations only after completing exfiltration.

Cybernews has reached out to Travel Club, a platform operated by Air Miles España, for comment and will update the article once we receive a reply.


Travel Club is widely used across Spain and serves more than six million customers who accrue points through retail partners, airlines, fuel companies, and online merchants.


The platform is operated through partnerships with some of Spain’s largest brands, such as Repsol, Eroski, and Iberia, and holds an important position in the Spanish advertising and loyalty ecosystem.

This means that the implications of the Air Miles España data breach extend beyond consumers and could impact marketing partners, retail chains, and advertisers who rely on the platform’s analytics and cross-promotional data.

“One can expect an increase of social engineering attacks on customers, potential regulatory scrutiny, and reputational damage to the company,” said Cybernews researchers.


In fact, the advertising and loyalty industries have become increasingly targeted by ransomware gangs due to the large amounts of sensitive data they typically handle. This makes breaches potentially harmful to the broader market as well as user privacy.

Everest is one of the most aggressive ransomware groups in operation today. It recently targeted Brazilian petroleum giant Petrobras and Under Armour, the global activewear and footwear brand.

The ransomware gang – believed to be Russia-linked – was first spotted in 2021. It made headlines after the October 2022 attack on the American telecommunications behemoth AT&T.

