KLM and Air France report data breach through third-party customer service system
KLM Royal Dutch Airlines and its sister airline Air France have confirmed a data breach that exposed customer personal information after hackers gained unauthorized access to a third-party customer service system used by the airlines.
The breach was caused by attackers infiltrating an external customer service platform used by both KLM and Air France for handling customer support operations. KLM described the incident as involving "fraudsters" who "gained limited access to a third-party system that is used by KLM."
The exposed data from this breach included:
- First and last names
- Phone numbers
- Email addresses
- Flying Blue membership numbers and status levels
- Subject lines of previous customer service requests
- Notes made by KLM customer service representatives
The number of affected individuals has not been disclosed. The airline claims that more sensitive information remained secure, with no exposure of "credit card details, passport numbers, Flying Blue Miles balances, passwords or booking information."
Security experts warn that the compromised data provides sufficient detail for cybercriminals to create convincing phishing messages that appear to come directly from KLM or other legitimate airline communications.
Although the third-party system is not named, the pattern and timing of the attack indicate that this is another instance of the voice phishing attacks targeting Salesforce instances, which also compromised Cisco, Chanel and Pandora.
KLM has reported the breach to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) and Air France simultaneously notified the French data protection authority CNIL. The airlines are sending direct notifications to all customers whose data may have been accessed, advising them to remain vigilant for suspicious communications.