Delta locks some customer accounts over security concern: What to know
Share this @internewscast.com

HARRISBURG, Pa. (WHTM) — If you have a flight with Delta Air Lines coming up, it might be a good idea to ensure you can access your frequent flier account before heading to the airport.

The airline has restricted access to some customers’ frequent flier accounts due to cybersecurity concerns identified earlier in the week and did not immediately inform those customers. This information was given by two different reservation agents on separate occasions on Saturday to an affected customer, a reporter for Nexstar’s WHTM.

The possible security breach occurred last week, according to the details provided. The reporter encountered the issue on Saturday while attempting to log into the airline’s system to check in for a flight planned for Sunday. The login was unsuccessful, as was an attempt to reset the password.

This previously unreported issue occurred while Delta also worked to recover from a severe storm at its Atlanta hub, which caused the airline to cancel nearly 1,000 flights Friday and Saturday.

The reporter called the airline’s reservations center, where an agent immediately recognized the problem and said a known issue, regarding concerns about a potential security breach, had impacted a large number of customers earlier in the week, and those customers’ accounts had been locked. The agent said the customer, like others impacted, had to upload a photo of a valid government ID (such as a driver’s license) to verify his identity.

The agent helped the reporter navigate to a form on the airline’s website through which the photo could be uploaded. She said because of the large number of customers impacted, the requests were taking time to address; the reporter could call back later for further manual assistance over the phone if the issue wasn’t addressed in time.

“Delta SkyMiles accounts are secure,” a company spokesperson said in a statement, responding to questions about the issue. SkyMiles is the airline’s frequent flier program. “As we do occasionally, out of an abundance of caution, we reset credentials for accounts and ask that customers verify them with us to maintain security of the accounts. We apologize for any inconvenience this might cause.”

A different agent later in the day, assisting the reporter further, also recognized the issue immediately and said about 68,000 customers had been impacted. The spokesperson declined to comment further.

The 68,000 customers would represent fewer than 1% of Delta’s approximately 130 million SkyMiles members, and it was unclear whether any accounts had actually been breached, as opposed to whether, for example, hackers had unsuccessfully attempted to breach the airline’s systems.

But two security experts said the airline’s handling of the issue — locking customer accounts but not immediately notifying the impacted customers that they should attempt to reset their account credentials to regain access — was unusual.

“This is the first time I’ve ever heard of a company doing something like this without notifying customers,” Jonathan Weissman, a principal lecturer at the Rochester (New York) Institute of Technology’s cybersecurity department, said Saturday night. “It makes no sense that they would lock the accounts and not tell the customers that the accounts have been locked.”

Weissman said companies often require customers to reset their passwords, even after successfully blocking hackers from accessing an account, but they typically notify customers immediately when that happens so the customers can address the issue calmly and at their convenience rather than when they have an immediate need to access the company’s website or app.

“Locking the accounts is a good, safe measure,” Weissman said of Delta’s initial step. “But not communicating that fact to the affected customers can cause mass confusion and problems with people boarding flights eventually. The information should be forthcoming from [Delta], not in response to questions from customers.”

Weissman said it’s possible the airline doesn’t know the extent of the issue, but if it knew enough to lock the accounts, it should have notified customers of that action and their need to set new passwords at the same time.

Another cybersecurity expert, also speaking Saturday night, agreed.

“They need to come clean and do their best job of notifying everybody affected,” said Scott Schober, CEO of a New Jersey-based cybersecurity company called BVS and author of several books about cybersecurity. “At a minimum, they could alert you so you can take action, and then provide more information as they learn it.”

Less than half an hour after the first agent helped the reporter navigate the process of uploading the photo of his driver’s license, he received this message:

(WHTM)

But the password reset didn’t work. The reporter called and spoke with another agent who was also familiar with the issue and was able to help successfully reset the password, resulting in a successful account login.

Delta is generally well-regarded among U.S. airlines, sometimes ranking higher than all others in customer surveys and analyses of metrics such as airline punctuality.

Share this @internewscast.com
You May Also Like
Colorado man dies after car drives over rim of Grand Canyon National Park

Colorado Man Killed After Vehicle Plunges Over Edge in Grand Canyon National Park

This article covers the topic of suicide. If you or someone you…
Violent Gen Z protests spiral with at least 19 killed in Nepal; video shows parliament building ablaze

At Least 19 Deaths in Nepal as Gen Z Protests Escalate; Footage Captures Parliament Building on Fire

Protests against the government in Nepal escalated into violence on Tuesday, with…
Federal agents forced to retreat on slashed tires after immigration raid confrontation in sanctuary city

Federal Agents Withdraw After Immigration Raid in Sanctuary City Leads to Tire Slashing

A dramatic standoff in upstate New York between immigration agents, roofers and…
Former Chicago Public Schools CEO Paul Vallas, DePaul University professor weigh in on Nation's Report Card

Ex-Chicago Public Schools CEO Paul Vallas and DePaul University Professor Discuss Nation’s Report Card

CHICAGO (WLS) — A local former education leader and college professor are…
Charlotte mayor slammed over comments after woman stabbed to death on train

Criticism mounts against Charlotte mayor following remarks post train stabbing incident

Charlotte Mayor Vi Lyles, a Democrat, is under fire for her response…
Poland shoots down drones in its airspace during Russian attack on neighboring Ukraine

Poland Downs Drones Entering Airspace Amidst Russian Assault on Ukraine

Polish defense officials say the military shot down drones that violated its…
57 illegal immigrants detained in major New York worksite raid; 5 accused of reentry after deportation

57 Undocumented Immigrants Detained in Significant New York Worksite Raid; 5 Charged with Illegal Reentry After Deportation

A significant federal raid in upstate New York resulted in the arrest…
Palmdale Street shooting on Jacksonville's Northwest side leaves man dead

Springfield Man Shot After Declining Request for Money

A gunman shot a man in Downtown after asking for money, leaving…
Selena Gomez, Steve Martin and Martin Short talk about sleuthing skills and secrets in 'Only Murders in the Building' season 5

Selena Gomez, Steve Martin, and Martin Short discuss detective skills and hidden surprises in ‘Only Murders in the Building’ Season 5

Get your sleuthing skills ready. Season five of “Only Murders in the…
Iconic athletes Carl Lewis, Jerry Rice and Nadia Comăneci reveal how they stay strong as they age

How Legendary Athletes Carl Lewis, Jerry Rice, and Nadia Comăneci Maintain Their Strength with Age

Inspired by the popular series “Limitless: Live Better Now” featuring Chris Hemsworth,…
Authorities reveal cause of death in killing of retired college professor

Officials Disclose Cause of Death in Murder of Retired Professor

Authorities suspect that the individual charged with murdering a retired Auburn University…
Officials reject Gaza flotilla's claim that it was bombed: 'No basis in truth'

Authorities Deny Gaza Flotilla’s Bombing Allegations: ‘Completely Unfounded’

<!–> Gaza aid activist group claims drone attacked its vessel The Global…