Following a security incident involving its website’s chat function, Delta filed suit in the Southern District of New York against its tech vendor, 7.ai. Delta alleged fraud, negligence and breach of contract. A consumer class action lawsuit had already been filed against Delta in the Northern District of Georgia, related to the same incident.
According to the Complaint, on March 28, 2018, Delta was notified by 7.ai that a security incident had potentially compromised personally identifying information and payment card data of up to 825,000 of Delta’s customers. Delta alleges that “at least one third-party attacker gained access to Defendants’ computer networks and modified the source code of Defendants’ chat services software to enable the attacker to ‘scrape’ PII and payment card data from individuals using websites of Defendants’ clients, including Delta’s website…” Delta engaged a forensics team and began working with federal law enforcement upon receiving notice from 7.ai. Delta then publicly announced the breach, notified its customers, launched free credit monitoring services, and filed a lawsuit against 7.ai. Delta is seeking reimbursement of all breach-related costs. Continue Reading Delta Airlines Sues Vendor for Data Breach