Customers who recently used KLM’s customer service are being urged to stay alert after the airline confirmed a data breach affecting personal details of up to six million people. The company said the breach occurred with a compromised third-party vendor that handled support requests, exposing names, email addresses and frequent flyer numbers.
KLM said passport and payment data remained secure, but warned the threat now is phishing. Cybercriminals will exploit stolen data adding realistic details to their scam emails. These details can lure victims into clicking malicious links or handing over more sensitive information. KLM has already issued warnings and listed the only official emails it uses. Customers should check the email address of any sender requesting information.
In an email to its customers, KLM said: “We are reaching out to you because of a recent data breach involving your personal data. Specifically, a fraudster gained limited access to a third party system that is used by KLM.”
The airline has reported the incident to Dutch authorities and tightened cybersecurity controls. However, this is the latest in a string of aviation-sector breaches, following similar attacks on Qantas and British Airways.