Air India’s frequent flyer programme has been hit by a hacking campaign that has resulted in the theft of $23,745 worth of travel miles.
There are over 195,000 accounts for the service, with loopholes in the system being exploitd by hackers with assistance from insiders in the breach.
Those responsible created 20 separate email IDs to “divert the reward points earned by passengers,” according to Air India. Praveen Lal, commercial manager at the airline, told the Times of India: “All the affected membership accounts have been suspended so that no further activity can take place from these accounts. The affected user IDs have been deactivated along with user IDs that have identical usernames and passwords. Also, all such user IDs that have not been active for the past three months have been deactivated.”
View full story
ORIGINAL SOURCE: Infosecurity Magazine