>
Two major European airlines have been compromised and sensitive customer data may have been accessed.
The two airlines in question are Air France and KLM, who have reached out to customers of Flying Blue, a multi-airline loyalty program that allows travelers to redeem loyalty points for a variety of rewards.
In the announcement, the airlines discussed spotting “suspicious behavior,” and while initial reports suggest no immediate financial damage was done, scammers may use personally identifiable details to steal money from customers in phase two attacks.
Sensitive data stolen
“Our security teams have detected suspicious behavior by an unauthorized entity related to your account. We have taken immediate corrective action to prevent further exposure of your data,” the notice reads. “Our Information Security Department is taking action to prevent suspicious activity related to your account.”
KLM took to Twitter to confirm the attack, saying in a brief conversation with one of its customers that the attack was “blocked in time”, meaning no miles were charged.
“I do invite you to change your Flying Blue password via the Flying Blue website,” the company said.
Whoever was behind the attack most likely gained access to customer names, e-mail addresses, telephone numbers, last transactions and Flying Blue data such as the accumulated Miles balance. Credit card and other customer payment information is apparently safe.
The companies also closed the affected accounts and told their customers to use the accounts – they had to update their passwords first.
Airline terminals (opens in new tab) are a popular target for cybercriminals. Last September, American Airlines reported that an unauthorized actor had compromised the email accounts of a “limited number” of team members, and in mid-2021 data giant SITA disclosed a breach that affected at least 4.5 million Air India travelers. .
Through: Beeping computer (opens in new tab)