KLM Data Breach: Customer Information Stolen

KLM has informed customers about a data breach at an external customer service partner, in which contact information and Flying Blue data were stolen. The airline emphasizes that sensitive data such as passwords and travel dates have not been affected. Customer communications indicate that travelers who have previously contacted customer service are vulnerable to the breach. First and last names, phone numbers, email addresses, Flying Blue numbers and status, and the subject of support tickets may have been compromised. The incident was reported to regulators by both Air France-KLM divisions. KLM reported it to the Dutch Data Protection Authority, while Air France reported it to the French privacy watchdog CNIL. The data breach affected an external platform used by both KLM and Air France for customer support. This resulted in unauthorized access to customer data. The breach was discovered by the IT security teams, who immediately took action together with the external partner. KLM and Air France’s own systems were not affected. According to the airline, no sensitive data such as passwords, travel details, Flying Blue miles, passport or credit card details were stolen. However, the actual haul is enough to send convincing phishing emails, so extra caution is advised when checking your inbox. KLM advises affected customers to be extra alert to suspicious communications via email or telephone.

Source: https://www.techzine.eu/news/security/133612/airfrnace-klm-reports-data-breach-at-customer-service/