Air France and KLM Reveal Customer Data Breaches: What You Need to Know for Enhanced Security.

Air France and KLM announced on Wednesday that their customer service platform had been breached by attackers, resulting in the theft of data from an undisclosed number of customers. Together with Transavia, Air France and KLM form the Air France–KLM Group, a prominent French-Dutch multinational airline holding company established in 2004. With a fleet of 564 aircraft and 78,000 employees, Air France–KLM services approximately 300 destinations across 90 countries. In 2024, the aviation group transported 98 million passengers globally. The airlines confirmed that they had cut off the attackers’ access to the compromised systems upon discovering the breach and assured that their internal networks remained unaffected.

The airlines reported unusual activity on an external customer service platform, leading to unauthorised access to customer data. However, they clarified that customers’ financial and personal information was not compromised. Air France and KLM have notified the relevant authorities in their respective countries and are currently informing affected individuals, advising them to remain vigilant against suspicious emails or phone calls. This incident follows a series of aviation breaches linked to the Scattered Spider hacker collective, which has recently targeted various transportation firms. High-profile companies, including Adidas, Qantas, and Google, have also experienced breaches related to Salesforce instances, highlighting the growing threat landscape in the aviation sector. 

Categories: Data Breach, Cybersecurity Incident, Customer Notification 

Tags: Air France, KLM, Data Breach, Customer Service, Cybersecurity, Unauthorized Access, IT Security, Data Protection, Aviation, Scattered Spider