KLM and Air France customers experienced a data breach due to a supply chain attack. Acknowledged by both airlines, the breach was confirmed to have occurred in late July 2025. An unusual activity was detected on a third-party platform linked to contact centers, leading to prompt action from the IT security team. While the breach involved potential access to personal data, no sensitive information like passwords or credit card numbers was disclosed. The affected supplier remains unnamed, and customers are urged to be cautious of suspicious communications.
Air France and KLM confirm that they are investigating a fraudulent access to the data of some of our customers. An unusual activity was detected on a third-party platform used by our contact centers, which led our IT security team, together with the third-party system involved, to swiftly implement corrective measures to put an end to the incident.
Protective measures have been taken to stop the same thing happening again, the spokesperson confirmed, adding that "no sensitive data such as password, travel data, Flying Blue Miles balance, passport or credit card numbers were disclosed".
Collection
[
|
...
]