ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Viva Air Data Breach

vivaair.com
Limited exposure
Verified breach
Accounts exposed 932,232
Breach date 14 Mar 2022
Added to tracker 11 Sep 2023
Data classes 7

What happened

In March 2022, the now defunct Colombian airline Viva Air suffered a data breach and subsequent ransomware attack. Among a trove of other ransomed data, the incident exposed a log of 2.6M transactions with 932k unique email addresses, physical and IP addresses, names, phone numbers and partial credit card data (last 4 digits).

Exposed data

Email addresses IP addresses Names Partial credit card data Phone numbers Physical addresses Purchases

Recommended actions

  • Watch for targeted phishing emails referencing Viva Air โ€” attackers weaponise breach data quickly.
  • Monitor your bank and card statements closely and consider requesting a card replacement.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP