Solairus Aviation, a private aviation services provider, announced that some employee and customer data was compromised in a security incident at third-party vendor Avianis.
The company released an announcement about a data breach on March 23.
Solairus is based in Petaluma, California, and employs 1,500 flight crew and staff and operating from over 65 bases.
Solairus said Avianis, their partner and an aviation business management platform provider, notified them last December about an intrusion into Microsoft Azure cloud platform of Avianis.
The company used Microsoft’s cloud to host flight scheduling and tracking system information which included employee and customer data.
Upon receiving the notification, Solairus initiated an investigation into the incident that revealed that some of Solairus’ data hosted on the Azure coud had been accessed by an unknown party.
Solairus confirmed data stored in that environment and now possibly stolen included employee and client names, dates of birth, driver’s license numbers, Social Security numbers, passport numbers, and financial account numbers.
The private aviation services provider has informed its affected customers, but noted that it does not have the “current addresses for all such individuals.”
The company reminded both employees and clients to remain vigilant for any sign of unauthorized activity and to review their financial bank statements for any unauthorized charges or suspicious activity. The affected individuals should immediately contact their financial institution if such activity is found.
The company begged apology from its customers and assured it cares about their privacy:
“Solairus regrets the inconvenience or concern this incident may cause you. Every member of the Solairus community is important, and Solairus values your security and privacy.”
Solarius is the second aviation company to report a breach of its data through Avianas cloud. Earlier, Jet Aviation experienced a similar data breach of employee and customer data as Solairus.