Iberia Airlines Hit by Major Cyberattack as Everest Ransomware Group Steals Passenger Data Iberia Airlines, one of Spain’s leading carriers, has suffered a significant cyberattack resulting in the theft of sensitive passenger data. The breach, attributed to the Everest ransomware group, exposed approximately 596 GB of information, including frequent flyer records, personal details, and travel booking data. While full payment card details remained secure, attackers claimed to have accessed partially masked credit card information, raising concerns over potential phishing and fraud risks. The incident occurred after unauthorized access was gained through a third-party vendor, highlighting vulnerabilities in aviation’s interconnected digital infrastructure. The Everest group demanded a $6 million ransom, threatening to release or sell the stolen data if unpaid a move that could fuel large-scale fraud and reputational damage for Iberia and Spain’s tourism sector. Affected passengers, particularly Iberia Club members, were notified of the breach, with the airline confirming no immediate fraudulent activity had been detected. However, travelers were advised to remain vigilant against phishing attempts, as stolen data including names, emails, and travel histories could be exploited for targeted scams. This attack follows a pattern of high-profile cyber incidents in Europe’s aviation sector, including Everest’s previous disruption of the MUSE check-in platform in September 2025, which caused delays at major airports like London Heathrow and Berlin Brandenburg. The breach underscores the growing cybersecurity risks facing airlines, airports, and tourism-dependent economies, as digital transformation increases reliance on vulnerable third-party systems. With Spain’s tourism industry heavily dependent on secure digital operations, the incident has reignited calls for stronger cybersecurity measures across Europe’s aviation and travel sectors. The breach serves as a stark reminder of the evolving threats to passenger data and the operational integrity of global air transport networks.