Why Airlines Are Prime Targets for Cyberattacks
Airlines are tempting targets for cybercriminals due to the vast amount of sensitive data they handle, from customer details to payment information. In fact:
- Airline cyberattacks are up 74% since 2020.
- Airlines are the most targeted industry, accounting for 46% of all fraudulent transactions.
These cyber threats take numerous forms: Credential stuffing, loyalty fraud, scraping, and account takeover attacks. They disrupt service, expose sensitive data, and damage brand reputation. With the global surge in travel, the increasing value of loyalty programs, and countless booking channels, the attack surface continues to grow.
Loyalty and Rewards Points At Risk
Your customers collectively own up to billions of dollars in loyalty/rewards points. They trust you as their preferred travel provider and expect you to protect their data. And now, so does the Federal Trade Commission.
Why are points so tempting to criminals? Oh, the many places they can go. They can:
- Empty loyalty accounts and sell itineraries on the black market for a price they choose.
- Cash-out by converting the points to online gift cards.
Low adoption of MFA/2FA and password reuse facilitates the account breaches that make this possible. Worst of all? Points fraud is harder to insure against - no chargebacks or other protection exists. Customers often have little recourse if the airline does not make them whole. They leave their loyalty to your brand in tatters…and complain loudly.

