Hackers continue to target airline frequent flyer programmes
12/01/2023
Two of the world’s leading airlines have been targeted again by hackers who illegally accessed personal information held in frequent flyer programmes.
This month Air France and KLM informed their Flying Blue loyalty programme customers that personal information was exposed after their accounts were breached. The news highlights the continuing vulnerability of frequent flyer programmes, which were the target of a major world-wide breach in March 2021.
In that incident, hackers were able to access some computer systems of the SITA Passenger Service System for up to a month before the incident’s seriousness was confirmed, according to the company’s Geneva-based parent company. SITA provides IT services for the airline industry, including passenger travel planning and booking, airport operations and security, baggage, aircraft connectivity and in-flight cabin and cockpit operations.
A Flying Blue member contacted Air France at that time, stating: “My Flying Blue Account, which I have had for over 15 years, was hacked 3 weeks ago. The thieves were able to change my email address, change my physical address from USA to France, and steal all my points.”
The Flying Blue loyalty programme enables clients of multiple airlines, including Air France, KLM, Transavia, Aircalin, Kenya Airways, and TAROM, to exchange loyalty points for various rewards. Following this latest attack, programme members received a message stating: "Our security operations teams have detected suspicious behaviour by an unauthorised entity in relation to your account. We have immediately implemented corrective action to prevent further exposure of your data."
KLM's official Twitter account confirmed the attack and told one of the impacted customers that "the attack was blocked in time and no miles were charged." The airline added: “I do however invite you to change your Flying Blue-password via the Flying Blue-website.”
The list of potentially compromised data includes names, email addresses, phone numbers, latest transactions, and Flying Blue information including the balance of earned miles.
Affected customers were also warned that their accounts had been locked due to the breach and that they had to log in to the KLM and Air France websites to change their passwords. The statement said: “Please be assured that Air France, KLM and their loyalty program Flying Blue takes the protection of your personal data very seriously. No credit card and/or payment information was exposed.”
Data from the World Economic Forum (WEF) has revealed that global cyber-attacks were reported to have increased by 125% in 2021, while an estimated 236.1 million ransomware attacks were recorded worldwide in the first half of 2022.
To help minimise business disruption both during and after a cyber incident, as well as covering the financial costs of dealing with the attack, including data recovery, ransomware, civil fines, damages, legal fees, loss of profit etc., businesses should employ the services of a specialist Cyber Insurance Broker. W Denis provides competitive cyber insurance to businesses of all sizes, as well as many supporting risk management services which can help to avoid claims happening in the first place. For further information visit www.wdenis.eu or contact Vida Jarašiūnaitė Vida.Jarasiunaite@wdenis.eu or Mark Dutton mark.dutton@wdenis.com