Two major European airlines have been compromised, and sensitive customer data was likely accessed.
The two airlines in question are Air France and KLM, which have contacted customers of Flying Blue, a multi-airline loyalty program that allows travelers to exchange loyalty points for different rewards.
In the announcement, the airlines discussed spotting “suspicious behavior”, and while initial reports suggest no direct financial damage was done, crooks can use personally identifiable data to steal customer funds in stage-two attacks.
Sensitive data stolen
“Our security operations teams have detected suspicious behavior by an unauthorized entity in relation to your account. We have immediately implemented corrective action to prevent further exposure of your data,” the notification reads. “Our Information Security department is taking actions to prevent any suspicious activity with regard to your account.”
KLM took to Twitter to confirm the attack, and in a brief discussion with one of its customers, said the attack was “blocked in time”, meaning no miles were charged.
“I do however invite you to change your Flying Blue-password via the Flying Blue-website,” the company said.
Whoever was behind the attack most likely accessed customer names, email addresses, phone numbers, latest transactions, as well as Flying Blue data such as earned miles balance. Credit card and other customer payment information is apparently safe.
The companies also locked down the affected accounts and told their customers that, to use the accounts, they need to update their passwords first.
Airline endpoints are a popular target for cybercriminals. In September last year, American Airlines reported that an unauthorized actor compromised the email accounts of a “limited number” of its team members, and in mid-2021, airline data giant SITA disclosed a breach which affected at least 4.5 million travelers from Air India.
Via: BleepingComputer