SAS Cyber Attack – Update
Last night SAS, alongside several other companies, were subjected to a cyberattack that led to our website and app being down for a few hours. Furthermore, some passengers' data became visible to other passengers who were active during the ongoing attack.
We are currently investigating the incident, but we can confirm that the affected passengers’ contact details, previous and upcoming flights, as well the last four digits of the credit card number were visible.
We can reassure passengers who are worried that their credit card information has spread, that only the last four digits of the credit card number have been visible. There has been no risk that this information could be exploited. No passport details have been shared and no EuroBonus points should be affected.
Attacks like this often come in batches and more attacks are likely to come in the near future. However, this should not impact any passenger data.
We always cooperate with the national CAA (Civil Aviation Agency), police, and security police when security matters are concerned – irrespective of the issue in question. We are monitoring the situation closely and continue the work to analyze and evaluate the attack and related consequences, as well as take preventive measures.