Air France and KLM have informed Flying Blue customers about a cyber incident that resulted in their accounts being compromised and personal information being disclosed.
Flying Blue is a loyalty program that allows customers of Air France, KLM, Transavia, Aircalin, Kenya Airways and TAROM airlines to exchange points for various rewards.
Among the potentially stolen data were the names of passengers, email addresses, phone numbers, recent transactions, as well as the balance of miles earned and the history of their spending.
Affected customers were warned that their accounts were blocked after the hack, and therefore a password change is required.
At the same time, the attack was localized in time, which allowed to maintain the balance of accumulated miles.
Air France and KLM confirmed the leak and said that confidential customer data had not been disclosed.
The violation warnings also indicated that the incident did not affect credit card data or payment information.
Both airlines stated that they also reported the incident to the relevant services of their countries and initiated an investigation.