The Luxembourg airline Luxair recognized that personal information of its passengers had been pirated.
The data used for customer reservations whose flight suffered a disruption between November 2020 and July 4, 2023giving rise to the granting of a meal voucher, a hotel reservation necessary following such disruption or any disruption warning communication by SMS », « have been made accessible to unauthorized third parties “. Luxair clarified “ it does not mean that all data has been accessed “.
This data was stored on a server with an external IT service provider. ” It turns out that the service provider in question hosts its data in the cloud, which was not adequately secured, in opposition to the guarantees that the latter had given in terms of information security. “explained Luxair. The server in question was secured quickly and “ the provider’s services of issuing vouchers and hotel reservations have been suspended until further notice “.
Faced with the hacking of this personal data, the airline recommends to its passenger customers “ to protect themselves against any fraudulent use of their data, to pay extra attention to messages (in particular phishing) which could reproduce Luxair’s visual identity or be based on past flight data. »