Air France and KLM announced a breach in a customer service platform where attackers gained unauthorized access to customer data. The airlines confirmed that financial and personal information was not compromised, but customer data was stolen. The breach was contained, and measures were implemented to prevent recurrence. Authorities were notified, and affected customers were advised to be vigilant against phishing attempts. The incident is under investigation, with no further details disclosed.
TPRM report: https://www.rankiteo.com/company/air-france--klm
"id": "air345080725",
"linkid": "air-france--klm",
"type": "Breach",
"date": "8/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Undisclosed number',
'industry': 'Aviation',
'location': 'France',
'name': 'Air France',
'size': 'Large',
'type': 'Airline'},
{'customers_affected': 'Undisclosed number',
'industry': 'Aviation',
'location': 'Netherlands',
'name': 'KLM',
'size': 'Large',
'type': 'Airline'}],
'customer_advisories': 'Customers advised to be vigilant for suspicious '
'emails or phone calls',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': 'Undisclosed',
'personally_identifiable_information': 'No',
'sensitivity_of_data': 'Non-financial, non-personal',
'type_of_data_compromised': 'Customer data'},
'date_publicly_disclosed': '2024-08-07',
'description': 'Attackers breached a customer service platform and stole the '
'data of an undisclosed number of customers. The airlines have '
"cut off the attackers' access and notified relevant "
'authorities.',
'impact': {'brand_reputation_impact': 'Potential risk due to data theft',
'data_compromised': 'Customer data',
'identity_theft_risk': 'Customers advised to be vigilant for '
'suspicious emails or phone calls',
'payment_information_risk': 'Financial and personal information '
'not affected',
'systems_affected': 'External customer service platform'},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'corrective_actions': 'Implemented measures to '
'prevent recurrence'},
'ransomware': {'data_exfiltration': 'Yes'},
'references': [{'source': 'BleepingComputer'}],
'regulatory_compliance': {'regulatory_notifications': 'Dutch Data Protection '
'Authority, CNIL'},
'response': {'communication_strategy': 'Notifying impacted individuals',
'containment_measures': "Cut off attackers' access",
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes',
'remediation_measures': 'Implemented measures to prevent '
'recurrence',
'third_party_assistance': 'Yes'},
'title': 'Air France and KLM Customer Data Breach',
'type': 'Data Breach'}