Air France and KLM announced on Wednesday that the attackers had violated a customer service platform and stole an unknown number of customers.
Along with Transvia, Air France and KLM are part of the Air France-KLM group, a French-Dutch multinational airline holding company and a prominent player in international air transport.
With fleet of 564 aircraft and 78,000 employees, Air France-KLM provides services up to 300 destinations in 90 countries. In 2024, the aviation group transported 98 million passengers worldwide.
Both airlines said that they had reduced the reach of the attackers after discovering the violation and said that their network was not affected by the attack.
“Air France and KLM have detected abnormal activity on the external platform used for customer service. This activity resulted in unauthorized access to customer data,” He said. “Our IT security teams, along with the relevant external party, took immediate action to prevent unauthorized access. Measures have also been implemented to prevent recurrence. Internal Air France and KLM systems have not been affected.”
While the attackers gained access to customer data, Air France and KLM stated that the financial and personal information of the customers did not affect. Airlines have also informed the relevant officials in their countries of the incident and are now warning the affected persons that their data was stolen.
“KLM has reported the incident to the Dutch Data Protection Authority; Air France has done so in France with CNIL,” he said. “Customers whose data has been accessed is currently being informed and advised to be additional vigilant for suspected email or phone calls.”
It falls on heels of other aviation violations associated with scattered spider hacker collectors, which has previously focused on the Westjet and Hawaiian airlines in aviation and transport firms after targeting insurance and retail areas.
Many high-profile companies including Adidas, Kantas, Allianz Life, Louis Witon, Dyer, Tiffany & Co.,
An Air France -KLM spokesperson was not immediately available for comment, when to disclose the number of affected persons and to confirm whether the customer’s data was stolen from an agreement -made salesforce example, then to confirm it.
Malware targeting password stores increased 3x as the attackers secretly carried out the perfect history landscape, infiltrated and exploited important systems.
Search for the top 10 Metter Att & CK techniques behind the 93% attacks and how to defend them.
