Air France and KLM, two major European airlines, have announced a significant data breach after hackers accessed customer information through a third-party platform linked to their customer service operations. This incident, disclosed in early August 2025, marks another global example of supply chain vulnerabilities being targeted by cyber criminals.
What Happened?
- Breach Source: Hackers did not compromise the airlines’ main IT systems, but rather gained unauthorized access to a third-party service provider’s platform used by Air France and KLM’s contact centers.
- Rapid Response: Both airlines’ security teams, along with the external vendor, immediately stopped the breach and implemented new protective measures to prevent similar incidents in the future.
- Ongoing Investigation: Relevant authorities in the Netherlands and France have been notified, and affected customers are being actively informed.
What Data Was Exposed?
| Not Compromised | Exposed Data |
|---|---|
| Passwords | First and last name |
| Flight/travel details | Contact details (e.g., email, phone) |
| Credit card/passport info | Flying Blue loyalty program numbers & tier |
| Miles/loyalty balances | Subject lines of customer service emails |
No sensitive data such as credit cards, passport numbers, miles balances, or passwords was reportedly accessed.
Potential Risks for Customers
- Phishing Threats: Attackers may use exposed names, contacts, and loyalty details to craft highly convincing phishing or social engineering attempts.
- Spoofed Communications: Expect fraudulent emails or calls pretending to be from Air France or KLM, especially referencing your customer service history or loyalty status.
Airlines’ Advice to Customers
- Be Skeptical: Treat any unexpected messages, emails, or calls with caution, especially ones asking for personal details or urgent action.
- Check Authenticity: Contact Air France or KLM directly if you receive suspicious requests.
- Stay Informed: Watch for further notifications and updates from the airlines regarding the breach and any recommended security measures.
Industry Context
This breach is part of a broader wave of attacks targeting organizations via their third-party providers. Similar incidents have recently affected companies like Google, Qantas, Chanel, Pandora, and Adidas. Cybersecurity experts attribute many of these attacks to groups such as ShinyHunters, using social engineering and flaws in connected business applications.
What Should You Do Now?
- Monitor your emails and phone for suspicious activity.
- Change your Flying Blue or related account passwords as a precaution, even though passwords were reportedly not accessed.
- Enable two-factor authentication on your airline and loyalty accounts, if available.
- Be alert to scams referencing airline customer service or your loyalty tier.
Final Thoughts
While no financial or travel data was exposed, the breach serves as a reminder that personal details can be misused for scams or identity theft even when core IT systems remain uncompromised. Air France and KLM have apologized to customers and stress ongoing efforts to strengthen data security.
If you have questions or believe you were impacted, reach out to Air France or KLM’s customer contact center. Stay vigilant and keep up with the latest notices to protect your information.