JetBlue informed of malware on their system; Crewmembers notified months later?
A correspondent indicates that JetBlue has reportedly notified employees of a “potential” breach of their confidential information. In a written notification sent via mail, dated June 24, 2011, JetBlue states:
“A federal law enforcement agency recently informed JetBlue that malicious software may have been installed on our computer systems. Upon notification, we immediately launched an investigation and, upon finding the malicious software, removed it.”
“Our investigation has revealed that the malicious software was designed to allow an attacker to remotely search and collect information stored on our computer systems. On April 1, 2011, we learned that the affected systems included computer files containing confidential business information as well as personal information including the names, social security numbers and retirement fund account balances of Crewmembers employed by JetBlue since 2005.
“We would like to emphasize that, to date, we have no evidence that your personal information was actually obtained or has been misused.”
JetBlue is reportedly offering affected employees 12 months of services through Debix.
If anyone has a copy of the notification that they can scan in and email to me at admin[at]databreaches.net, that would be great.