European airlines Air France and KLM are the latest victims of a series of cyberattacks on large companies. Attackers gained access to customer data via a compromised third-party provider.
The two airlines, which belong to the joint Air France-KLM Group, announced in a joint statement that they had discovered “unusual activity on an external platform that we use for customer service”. Attackers used this platform to gain access to customer data.
Air France and KLM have discovered that unusual activities have taken place on an external platform that we use for our customer service. Unlawful access to customer data was gained.
Our IT security teams, together with the external partner concerned, took immediate action to stop the unauthorized access. Measures were also taken to prevent a recurrence. The internal systems of Air France and KLM are not affected. No sensitive data such as passwords, travel data, Flying Blue miles, passport or credit card details were stolen.
KLM has reported this to the Dutch Data Protection Authority and Air France has done the same in France with the CNIL. Customers whose data may have been accessed are currently being informed and asked to pay particular attention to suspicious emails or calls.
“No sensitive data compromised”
The airlines emphasized that “no sensitive data such as passwords, travel details, Flying Blue miles, passport or credit card information was stolen”. The companies did not publicly disclose the specific types of data affected.
However, customer notifications circulating on X show that first and last names, contact details, Flying Blue numbers and statuses, as well as subject lines of customer service emails, were accessed.
Warning of phishing attempts
KLM and Air France warned their customers of increased phishing attempts. Both companies have reported the incident to the Dutch and French data protection authorities respectively.
Barry ter Voert, Chief Experience Officer at KLM, writes in a customer notification: “We recommend remaining vigilant for messages or other communications that use your personal data and to be cautious of suspicious activity. The data involved in this data leak could be used to make phishing messages appear more credible.”