Breach cyber

Air France

Aug 8, 2025 1 min read
Air France

Unidentified hackers accessed Air France through a third-party service provider, stealing sensitive customer data. The compromised information includes full names, contact details, Flying Blue numbers, tier levels, and subject lines of service request emails. However, passport numbers, payment card details, passwords, and Flying Blue Miles balances were not affected. The attack was detected and mitigated by the IT security team, but the exact number of affected individuals remains unknown. No group has claimed responsibility, though the FBI has warned about increased targeting of airlines by the Scattered Spider hacking group.

Source: https://www.techradar.com/pro/security/air-france-and-klm-customers-may-have-had-personal-details-exposed-following-data-breach

TPRM report: https://www.rankiteo.com/company/air-france

"id": "air414080825",
"linkid": "air-france",
"type": "Breach",
"date": "8/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Aviation',
                        'name': 'Air France',
                        'type': 'Airline'},
                       {'industry': 'Aviation',
                        'name': 'KLM Royal Dutch Airlines',
                        'type': 'Airline'}],
 'attack_vector': 'Third-party service provider compromise',
 'customer_advisories': 'Data breach notification letters sent',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': 'Full names, contact '
                                                        'details',
                 'sensitivity_of_data': 'Moderate',
                 'type_of_data_compromised': 'Personal data'},
 'description': 'Unidentified hackers accessed Air France and KLM through a '
                'third-party service provider, stealing customer data '
                'including names, contact details, and more. Passport data was '
                'not compromised.',
 'impact': {'data_compromised': 'Full names, contact details, Flying Blue '
                                'numbers and tier levels, subject lines of '
                                'service request emails',
            'identity_theft_risk': 'Possible',
            'payment_information_risk': 'None'},
 'initial_access_broker': {'entry_point': 'Third-party service provider'},
 'ransomware': {'data_exfiltration': True},
 'references': [{'source': 'Tweakers'}, {'source': 'Cybernews'}],
 'response': {'communication_strategy': 'Data breach notification letters sent '
                                        'to affected customers',
              'containment_measures': 'Corrective measures implemented',
              'incident_response_plan_activated': True,
              'third_party_assistance': True},
 'threat_actor': 'Unidentified (possibly Scattered Spider)',
 'title': 'Cyberattack on Air France and KLM through a third-party service '
          'provider',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

Optus

public 2 min read
The Australian Information Commissioner (AIC) has launched civil action against Optus for a 2022 data breach that exposed the personal…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.