Data Protection Academy » Data Protection News » Data breach at Miles and More

Data breakdown frequent flyer programme Miles & More

Data breach at Miles and More

Date: 10.12.2019

Responsible body: Miles & More

Type of data protection violation: personal data visible to customers

Due to a technical malfunction when logging into the Miles & More website, participants of Lufthansa's frequent flyer program were able to view accounts of other participants who had logged in during the same period. According to official statements from Miles & More, 4,100 logins occurred within the affected period. The data breach is critical, because Lufthansa customers have individual-related data such as the name or rice data of third parties.

Currently, access is strictly monitored by the IT department of Miles & More and only released again step by step. It is not a hacker attack.

The data breach at the Miles & More frequent flyer programme has been reported to the responsible data protection supervisory authority, a final assessment is still pending.

Categories of data: Name, first name, customer number, travel data

Country: Germany


Back to the overview of the data breaches

Nadine Porrmann
Latest posts by Nadine Porrmann (see all)

This might interest you too:

Data breach at Klarna: Third party data visible

Entering a postcode and e-mail was sufficient to view third party data. The autofill function is to blame.

Data breach Microsoft customer records leaked

In December 2019, 250 million support requests to Microsoft were available online for two days. Security researchers reported the data breach to Microsoft.

Massive data breach at car rental company Buchbinder

Over 2.5 million German customers affected. High potential for abuse, use your right to information and ask if you are affected.