Air France and KLM have confirmed a data breach involving their customer service platform, resulting in the theft of personal information such as names, email addresses, phone numbers, loyalty program details, and recent transactions.
The airlines emphasized that no sensitive data — including passwords, passport details, travel itineraries, credit card information, or Flying Blue miles — was compromised.
Following detection of the incident, Air France and KLM immediately worked with the affected third-party provider to cut off unauthorized access. Both companies also reported the breach to relevant authorities — KLM to the Dutch Data Protection Authority and Air France to France’s CNIL — and began notifying affected customers.
While the attackers have not been officially identified, cybersecurity experts suggest the breach could be part of a wider campaign targeting Salesforce instances by the ShinyHunters extortion group. This group has previously targeted brands such as Chanel, Tiffany & Co., and Dior, aiming to steal valuable customer data stored in SaaS platforms.
The group understands that SaaS platforms like Salesforce hold large volumes of valuable customer data, and that a single breach at a supply chain company can give access to many different organisations.
What Customers Should Do
Even though financial and highly sensitive data was not exposed, the stolen information can still be used for phishing attacks. Customers are advised to:
- Be cautious of unsolicited emails or phone calls requesting personal or account information.
- Avoid clicking suspicious links.
- Monitor accounts for unusual activity.
Air France-KLM Group serves millions of passengers annually, and its breach highlights the growing risk of supply chain attacks and the importance of robust third-party security measures.
How Alcaeus Can Help
At Alcaeus, we specialize in helping organizations reduce the risk of breaches like this by implementing proactive cybersecurity strategies. Our services include security audits, third-party risk management, continuous monitoring, and tailored incident response planning — ensuring your data, systems, and customers remain protected against evolving cyber threats.