by Two major European airlines were compromised and sensitive customer data was likely accessed.
The two airlines in question are Air France and KLM, which have contacted customers of Flying Blue, a multi-airline loyalty program that allows travelers to exchange loyalty points for various rewards.
In the announcement, the airlines discussed detecting “suspicious behavior,” and while initial reports suggest no direct financial damage has occurred, crooks may be using personal information to steal customer funds in second-tier attacks.
Sensitive data stolen
“Our security teams have detected suspicious behavior related to your account by an unauthorized entity. We immediately took corrective action to prevent further disclosure of your information,” the notification reads. “Our information security department is taking steps to prevent suspicious activity related to your account.”
KLM took to Twitter to confirm the attack and, in a brief conversation with one of their customers, said the attack was “blocked in time,” meaning no miles were charged.
“However, I invite you to change your Flying Blue password via the Flying Blue website,” the company said.
Whoever was behind the attack most likely accessed customer names, email addresses, phone numbers, recent transactions, and Flying Blue data such as accumulated mileage. Credit card and other customer payment information appears to be safe.
The companies also suspended the affected accounts and told their customers to use the accounts – they must update their passwords first.
Airline endpoints (opens in new tab) are a popular target for cybercriminals. In September last year, American Airlines reported that an unauthorized actor had compromised the email accounts of a “limited number” of its team members, and in mid-2021 flight data giant SITA revealed a breach affecting at least 4.5 million Air India travelers were affected.
Above: computer beeps (opens in new tab)
#Leading #European #airlines #confirm #customer #accounts #hacked
