
Third-Party Breach Impacts Air France, KLM

The investigation noted the exfiltration of names, contact information, Flying Blue loyalty program membership details, and service request email subject lines.


Air France and KLM have both announced that attackers breached a customer service platform and stole the data of an undisclosed number of customers.

Information belonging to customers of both airlines has been compromised following a third-party data breach, reports Cybernews.

"Unusual activity was detected on a third-party platform used by our contact centres, which led our IT security team, together with the third-party system involved, to swiftly implement corrective measures to put an end to the incident," said the holding firm, which noted the exfiltration of individuals' names, surnames, contact information, Flying Blue loyalty program membership details, and service request email subject lines.

Effective Breach Handling

Boris Cipot, senior security engineer at Black Duck, praised Air France and KLM's response to this breach, saying it is a notable example of effective breach handling: they swiftly cut off the attackers, notified authorities, and informed affected customers.

“A robust cyber strategy serves as both a defence mechanism and a plan for responding to breaches,” he said. “Since breaches can occur even with the best defences, having a clear plan is vital. Organisations must balance the trade-offs between speed, accuracy, and compliance at scale while mitigating security, regulatory, and licensing risks.”

Javvad Malik, lead security awareness advocate at KnowBe4, said: “This incident demonstrates that even when core systems remain untouched, third party and smaller isolated systems can expose sensitive customer data.

“Customers must remain alert for sophisticated follow-on scams, while organisations need to rigorously assess and continually monitor all parties who have access to their data. While processes and systems can be outsourced, security remains their responsibility. When a breach occurs, their brand is the one which suffers the impact, and it is trust in them that is eroded.”



Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
