TechZine reports:
KLM has informed customers about a data breach at an external customer service partner, in which contact information and Flying Blue data were stolen. The airline emphasizes that “sensitive” data such as passwords and travel dates have not been affected.
Customer communications indicate that travelers who have previously contacted customer service are vulnerable to the breach. First and last names, phone numbers, email addresses, Flying Blue numbers and status, and the subject of support tickets may have been compromised.
The incident was reported to regulators by both Air France-KLM divisions. KLM reported it to the Dutch Data Protection Authority, while Air France reported it to the French privacy watchdog CNIL.
Read more at TechZine. The “external customer service partner” was Salesforce. This was another attack by ShinyHunters, who has successfully attacked approximately 50 entities already, including Allianz, Dior, Tiffany, Chanel, Qantas, and the Legal Aid Agency.
