Data Protection Academy » Data Protection News » Data breach at Miles and More

Data breakdown frequent flyer programme Miles & More

Data breach at Miles and More

Date: 10.12.2019

Responsible body: Miles & More

Type of data protection violation: personal data visible to customers

Due to a technical malfunction when logging into the Miles & More website, participants of Lufthansa's frequent flyer program were able to view accounts of other participants who had logged in during the same period. According to official statements from Miles & More, 4,100 logins occurred within the affected period. The data breach is critical, because Lufthansa customers have individual-related data such as the name or rice data of third parties.

Currently, access is strictly monitored by the IT department of Miles & More and only released again step by step. It is not a hacker attack.

The data breach at the Miles & More frequent flyer programme has been reported to the responsible data protection supervisory authority, a final assessment is still pending.

Categories of data: Name, first name, customer number, travel data

Country: Germany

SourceZDNet

Back to the overview of the data breaches

Book demo

Nadine Porrmann
Latest posts by Nadine Porrmann (see all)

This might interest you too:

Data breach at Klarna: Third party data visible

Entering a postcode and e-mail was sufficient to view third party data. The autofill function is to blame.
Read more

Data breach Microsoft customer records leaked

In December 2019, 250 million support requests to Microsoft were available online for two days. Security researchers reported the data breach to Microsoft.
Read more

British government published private addresses of stars

The British government publishes the addresses of around 1000 celebrities, politicians and private individuals who receive the traditional New Year's honours.
Read more