Maximise your Avios, air miles and hotel points

Forums Frequent flyer programs Other frequent flyer schemes Flying Blue compromised account. Only me?

  • AlanC 27 posts

    Our security operations teams have detected suspicious behavior by an unauthorized entity in relation to your account. We have immediately implemented corrective action to prevent further exposure of your data.
    As a result, the following data was possibly compromised:
    – Your first and/or last name
    – Your Flying Blue number and level
    – Miles balance
    – Phone number
    – Email address
    – Latest transactions
    No credit card and/or payment information was exposed.
    Our Information Security department is taking actions to prevent any suspicious activity with regard to your account.
    As an additional security measure, we have locked your account and require that you change your password in order to regain access. We kindly request you go to the KLM website and select “Forgot Password” on the log in page in order to create a new password.
    Please be assured that Air France, KLM and their loyalty program Flying Blue takes the protection of your personal data very seriously.
    We apologize for any inconvenience or concern this situation may have caused.
    Benjamin Lipsey
    Senior Vice President, Customer Loyalty
    Head of Flying Blue

    Barraclough 61 posts

    I’ve had the same email.

    Barraclough 61 posts

    There doesn’t seem to be anything currently in the online news or on the flying blue website about data breaches so it may not be widespread, unless a bigger story is about to break. There are a few documented cases though where people have found their miles have been illicitly used after their account was hacked. In my case my flying blue account was empty of miles, alhough I don’t like the thought that my name, email address and phone number are now in the possession of a hacker and might appear in the dark web.

    t0m 74 posts

    I got the e-mail..

    HfP Staff
    2,385 posts

    I got the email. Except, oddly, when I logged in – whilst I did have to do 2FA via email – I wasn’t asked for a password change.

    EDB99 32 posts

    I’ve heard rumours (nothing more than that) AwardWallet might be the culprit.

    This wouldn’t surprise me. In parts, AwardWallet wallet seems questionable (using sort of a script-kiddies like hackish approach when no api is available).

    derbydave 9 posts

    I have not had the e-mail, and have been able to log in normally today. I don’t use AwardWallet.

    davefl 1,435 posts
  • You must be logged in to reply to this topic.

The UK's biggest frequent flyer website uses cookies, which you can block via your browser settings. Continuing implies your consent to this policy. Our privacy policy is here.