Skip to main content

How a leading European airline maintains PCI DSS compliance with Enterprise Recon

Airline
Industry

Transportation

Challenge

Following a data breach, a multinational airline based in Europe wanted urgently to accelerate their PCI DSS compliance program with a solution designed to identify and protect payment card data across the organization.

Results

With Enterprise Recon PII deployed, the airline could identify and manage credit card data wherever it was stored in their systems, enabling them to achieve PCI DSS compliance.

Key Product

Enterprise Recon PII

Icon

Cost of a data breach transportation 2025

$3.98m

Icon

increase in cyber-attacks since 2020

75%

Icon

Stolen data is customer PII

46%

What our customers are saying

Corporations Have Data Stored In So Many Locations That It Is Impossible To Manually Look For Information. With The Data Security Tool From Ground Labs, It Makes The Process Easy And Simple For Organizations To Search For Data That Is Stored In A Non-secure Manner And Take Corrective Actions To Remediate It And Secure The Data.

Ajay Unni

CEO

What our customers are saying

Enterprise Recon PII provides our team with centralized management of our data discovery process, allowing us to manage all scans from a single location without having to physically go to each and every machine to install and scan. This has created greater awareness of how and where we store data, enabling us to stay compliant with a variety of privacy regulations.

Nurettin Akhan

Manager, Cloud Services Systems

What our customers are saying

Enterprise Recon PII provides our team with centralized management of our data discovery process, allowing us to manage all scans from a single location without having to physically go to each and every machine to install and scan. This has created greater awareness of how and where we store data, enabling us to stay compliant with a variety of privacy regulations.

Nurettin Akhan

Manager, Cloud Services Systems

70%

Reduction in the time data import tasks take

Reduction in the time data import tasks take

100%

Success rate for customers using Flatfile

Success rate for customers using Flatfile

Airline

The transportation industry has always moved us across geographic boundaries, but today, it’s pushing digital boundaries as well.

Airlines, automobile manufacturers and other types of transportation companies are collecting and sharing increasing amounts of customer data.

Customers trust these businesses with vast amounts of sensitive personal information, including passport information, drivers’ license numbers and payment card data.

Industry

The challenge

An airline managing payments for thousands of businesses

In 2020, a domestic multinational airline based in Europe suffered a significant data loss. A highly sophisticated cyber-attack affected personal and cardholder data from approximately 9 million of the airline’s customers – both a major issue for the customers and a reputational problem for the brand.

The journey

The airline was storing cardholder data across a variety of servers, databases, and other locations, including O365, OneDrive, Notes, Teams, Forms, Azure, SharePoint online, Hadoop HortonWorks & Cloudera, and AWS Glacier.

With millions of customers, the company needed urgent help achieving compliance with Payment Card Industry Data Security Standard (PCI DSS). PCI DSS compliance is mandatory for businesses handling credit card numbers due to a heightened number of data breaches, to protect customers from credit card fraud.

Hackers are highly motivated to steal credit card data. If they gain access to sensitive data including primary account numbers, cardholder names and authentication codes, hackers can impersonate the cardholder, use the card to make purchases and even steal the cardholder’s identity.

If a similar data breach occurs again and hackers gain access to additional customer credit card data, the airline could suffer further financial and reputational losses. Customers lose trust in businesses after data breaches, and the costs of this add up.

To protect sensitive data and maintain customer trust, the airline needed a solution to help it accurately, quickly and easily identify where its credit card data was stored, enabling the company to remediate and protect the sensitive data before any future compromise.

The airline turned to Ground Labs for help scanning and identifying cardholder data across its network, with the ultimate goal of becoming PCI DSS compliant within a year.

assetsV2_qEhQFVDGaftloTLHHbRz_asset 1-1

The solution

Ground Labs’ Enterprise Recon helps airline maintain PCI DSS compliance

Because this airline handles such a high volume of credit card numbers, the team knew it had a monumental task ahead to find where all that data was being stored. In 2020, it decided to partner with Ground Labs and now relies on award-winning Enterprise Recon to meet and maintain PCI DSS compliance.

The company uses Enterprise Recon PII to find where credit card numbers are stored within its structured and unstructured data sources – including files, databases, emails, cloud, big data and more. After scanning for credit card numbers, Enterprise Recon PII allows the team to view and analyze where sensitive data resides and immediately contact the owners to take action.

Ultimately, Enterprise Recon PII provides a blueprint of the social security and credit card number storage locations across the organization, allowing the airline to ensure on an ongoing basis that it is not storing any social security or credit card numbers unnecessarily, and address any vulnerable or unauthorized data stores. It ensures that the company can securely store and protect the sensitive information of its customers.

Enterprise Recon identified 60 million credit card numbers in the airline’s ecosystem within the first quarter of deployment.

Within the first quarter of scanning with Ground Labs’ Enterprise Recon, the airline identified over 60 million card numbers dispersed across their digital ecosystem. Enterprise Recon’s delegated remediation feature enabled the airline to assign multiple teams to address the risk using Enterprise Recon so this massive undertaking didn’t fall solely on the shoulders of IT.

check mark

Ready to get started?

Talk to one of our experts to review your results and discover how Ground Labs can help you take control of your data.