Unknown hackers have gained access to the user personal accounts of the website of Lufthansa airline (LH.com) and used frequent-flyer miles.
Unknown hackers have breached the system of the German flag carrier Lufthansa, the news was reported first by the German magazine Der Spiegel.
The attackers accessed individual passenger accounts on the company’s website LH.com as confirmed by the company on Friday.
Lufthansa immediately started the operations to mitigate the risks of exposure in compliance to its incident response plan.
Lufthansa has taken prompt countermeasures, but it “had not been able to prevent illicit access to some customer files,” according to company’s representatives that confirmed that hackers may have accessed hundred customers, but highlighted that no data was exfiltrated from Lufthansa’s systems.
“We had to lock several hundred customer pages,” a Lufthansa spokesman told DPA news agency. “We believe to have the problem generally under control,” he said.
The attackers run a massive brute-force attack against the system of the company, rumors confirm the involvement of a botnet that was used by hackers to target Lufthansa.
“This has been achieved through the use of so-called botnets: There was a large number of username and password combinations automatically tried until a Login succeeded.” reports the Der Spiegel magazine.
Once accessed the company’s database, the attackers used frequent-flyer miles to obtain vouchers and redeem rewards, they focused their activity on vouchers that don’t need to be delivered by mail.
In one case, the hackers have ordered watches and a tablet for a value of 2700 Euro, the destination address used by the attackers was London, meanwhile the billing address was in Berlin.
Lufthansa confirmed that a “small, single-digit number” of Lufthansa’s top client accounts was the victims of the attack. These clients are called by the company “HON Circle” members, which are customers who have flown at least 600,000 HON miles in two years exclusively in the Business and First Class.
Of course, the company restored the account miles following the cyber attack.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.