ShellCodeX Breach Report
Viva Air Data Breach
vivaair.com
Verified breach
Accounts exposed
932,232
Breach date
14 Mar 2022
Added to tracker
11 Sep 2023
Data classes
7
What happened
In March 2022, the now defunct Colombian airline Viva Air suffered a data breach and subsequent ransomware attack. Among a trove of other ransomed data, the incident exposed a log of 2.6M transactions with 932k unique email addresses, physical and IP addresses, names, phone numbers and partial credit card data (last 4 digits).
Exposed data
Email addresses
IP addresses
Names
Partial credit card data
Phone numbers
Physical addresses
Purchases
Recommended actions
- Watch for targeted phishing emails referencing Viva Air โ attackers weaponise breach data quickly.
- Monitor your bank and card statements closely and consider requesting a card replacement.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP