WoSign,making the internet more secure and trusted!
CHINESE +86-755-86008688
home>News & Events>Hackers stole air mileage of millions of Indian Airlines’ passengers, which worth 23745 dollars

Hackers stole air mileage of millions of Indian Airlines’ passengers, which worth 23745 dollars

A well-planned hacker activity aiming at passengers from frequent flier plan of Indian Airline has stolen 23745 dollars’ worth of air mileage so far.

The flight return project has over 195000 customers’ accounts. Deli police said that the attack seemed to be assisted by company staff who know the loophole and weakness of the system or staff from travel agent. According to Indian Airlines, these responsible people created 20 independent emails ID to “transfer the bonus points passenger gained”.

Business manager of airline company Praveen Lal told the Times of India,” all affected member accounts have been frozen to avoid any possible operations. Affected users ID are out of use now, including those with the same username and passwords. Meanwhile, ID of all inactive users in the past three months is out of use as well.”

A senior officer who has requested anonymity added:” except for hackers, current or former employees who might be aware of the vulnerabilities and weaknesses of the system are also our suspects. We have already asked the airline company to provide the list of employees leaving the company recently.”

This is not the first time flight mileage accounts being the target. In the end of 2014, ambitious theft hacked into user accounts of American Airlines and United Airlines with usernames and password he had stolen to book flight ticket for himself using other people’s mileage.

The spokesman of the United Airlines said that only 36 accounts have been attacked and all the stolen goods would be returned into customer’s accounts. However, American Airlines didn’t get lucky. There were about 10000 AA accounts being hacked.

Indian Airlines are looking into tickets of which flights can be bought using the stolen mileage at the moment.

Article source: 360 security broadcast