Payments through the airline’s website and mobile app were stolen over the three-week period, but a key clue was that travel information wasn’t affected. Yonathan Klijnsma, a threat researcher at RiskIQ, suspected it might be the same group that was behind the Ticketmaster breach, in which hackers targeted a third-party that loaded code on Ticketmaster’s various sites. From there, it could siphon off thousands of transactions. This time, Klijnsma said the group took an even more “highly targeted approach,” describing a wave of attacks that the “Magecart” collective has used to steal thousands of records from various sites in recent months. Get the full story at TechCrunch and Wired