"On March 13, 2017, during security monitoring activities, our data security team identified potential unauthorized access to certain Virgin America computer systems." - Alaska Air Vice President, Kyle Levine
Virgin America has confirmed in a letter to employees that their network had been breached and credentials had been stolen.
The breached occurred on March 13th earlier this year. Hackers had gained "gained unauthorized access to certain Virgin America information systems". It is estimated that 3,120 employees have had their login credentials compromised, while an additional 110 employees may have had sensitive personal information stolen such as social security numbers, addresses, health information, and government IDs.
In an interview with ZDNet a former employee of Virgin America said "the company hosted its email with Google and requires employees to use two-factor authentication." This makes it highly likely that the hacker didn't use any usernames or passwords that might have been exposed in a previous breach. Two factor authentication would also prevent the hacker from using any possible credentials without administrative level privilege access.
In the letter Virgin America stated "We immediately initiated our incident response plan, engaged cybersecurity experts to investigate, and notified law enforcement. We also began immediately remediating affected Virgin America systems, which included telling all Virgin America employees and contractors to reset their passwords."
ALthough credit card information was not compromised, Virgin is highly reccomending that employees "review your bank and credit card statement and credit reports for any unauthorized activity. Report suspected incidents of fraud or identity theft promptly."
All employees and contractors have since been forced to change their passwords.
Virgin American was purchased by Alaska Air for more than $2 billion back in 2016.
Alaska Airlines has not been affected according to Virgin America reps.