Filenews 18 June 2025 - by Charalambos Zakos
Cyprus Airways refers to the possible leakage of its passengers' personal data to third parties in a relevant email sent to its customers.
In particular, Cyprus Airways notes in the email to its customers that recently, an unauthorized external party gained access to a passenger file through phishing, but there was no breach of their server or electronic infrastructure.
According to the company, the data that may have been affected does not include passwords, credit card details or any other payment-related information, but mainly relates to the contact details of customers who have booked airline tickets in the past.
Specifically, the information that may have been leaked to third parties includes: name, identity number or passport number, email address, telephone number, flight number and itinerary, as well as fare type.
Sources from the company told "F" that the company managed to stop the attack, so lists of all passengers have not been leaked.
Cyprus Airways warns its passengers that there is a possibility that contact information could be used to send misleading or malicious messages (phishing) that appear to come from Cyprus Airways or related entities, stressing that for this reason its customers should be particularly careful with emails or messages asking for personal or financial information, always check the sender's address and don't open suspicious links or attachments.
Cyprus Airways took immediate measures. As Cyprus Airways notes, the protection of privacy and the security of passenger data are a top priority for the company, stressing that with the immediate notification of the incident, Cyprus Airways took immediate measures to investigate the incident, identify the compromised account and analyze the systems. These actions include the further strengthening of security measures.
