Air France and KLM informed Flying Blue customers that some of their personal information was exposed after their accounts were hacked.

Flying Blue is a loyalty program allowing customers of several airlines, including Air France, KLM, Transavia, Aircalin, Kenya Airways and TAROM, to redeem loyalty points for various rewards.

“Our security operations teams have detected suspicious behavior by an unauthorized entity in connection with your account. We have immediately implemented corrective measures to prevent any further exposure of your data,” read the notifications sent. to affected customers.

“Our information security department takes steps to prevent suspicious activity regarding your account.”

The official KLM Twitter account confirmed the attack and Told one of the affected customers that “the attack was blocked in time and no miles were charged”.

“However, I invite you to change your Flying Blue password via the Flying Blue website,” KLM said.

This followed a series of reports [1, 2, 3] on the social networks of customers who received the breach notifications.

The list of potentially compromised data includes their names, email addresses, phone numbers, last transactions and Flying Blue information such as their earned miles balance.

The breach alerts added that this incident did not expose customers’ credit card or payment information.

Affected customers were also warned that their accounts had been locked due to the breach and that they should go to the KLM and Air France websites to change their passwords.

KLM and Air France did not respond to requests for comment when BleepingComputer contacted them earlier today.