Personal data travelers Air France and KLM captured in data breach

Personal data travelers Air France and KLM captured in data breach

Travellers who have flown once or several times with Air France or KLM and are members of the Flying Blue program are the victims of a data breach. Hackers may have captured their private data. As a precaution, the airline is asking customers to change their loyalty program password.

Benjamin Lipsey, director of Flying Blue, writes this in an email to duped customers. The email was posted on Twitter by various customers on Friday and Saturday.

Accounts are closed for security reasons.

The message states that the security operations team has observed “suspicious activity” where an “unauthorized entity” has accessed the addressee’s account. As a result, all kinds of private data may have ended up in the hands of hackers. This concerns first and last name, telephone number, email address, the Flying Blue number, number of kilometres flown and recent transactions.

Lipsey emphasizes that credit card details or payment information have yet to be obtained. The information security department immediately took measures to prevent a recurrence. The accounts of victims have been made inaccessible. To be able to log in, they must create a new password. However, this only works for some, as some comments on Twitter show.

Rest assured that Air France, KLM, and their loyalty program Flying Blue take the protection of your data very seriously. We apologize for any inconvenience this situation may have caused,” the email reads.

Lots of ambiguities about events

Details about the data breach currently needs to be included. It is unknown what happened, how many customers have been affected, whether more data may have been stolen, whether the perpetrators have asked for a ransom and when the incident occurred.

KLM sporadically responds to questions from concerned travellers on Twitter. In this tweet, the airline asks if the person in question wants to send a personal message (DM) to settle the matter. has submitted several questions to KLM to get more information about the incident. As soon as we receive a response, we will update this message.

Update (January 9, 2023): KLM confirms to and that a data breach has occurred at the company. Hackers may have accessed the private data of Flying Blue customers, and no payment details would have been stolen.

The data leak has been reported to the Dutch Data Protection Authority (AP). The airline Air France has reported the incident to the Commission Nationale de l’Informatique et des Libertés (CNIL), the French counterpart of the AP. “We regret this situation,” said spokesperson Caroline van der Veeken. It is still unknown how many customers were affected by the data breach.

Find more articles here

Follow us on Facebook here

Leave a Reply