KLM allegedly confirmed that violation of data from the external customer service provider resulted in the exposition of personal data of several customers, including those who were registered in its flying blue loyalty program.
According to the report TechzineBreach included unauthorized access to the platform of third -party customer support used by both KLM and its partner airline Air France. While KLM stressed that sensitive information such as passwords, travel data, passport numbers, credit card data and flying blue miles were not endangered, the airline admitted that some personal data were indeed accessible.
Exposed data associated with interactions of customer support
In the KLM affected report, the KLM revealed that compromised data could include the first and surnames, telephone numbers, e -mail address, flying blue numbers and status level numbers, as well as the subject lines of previous customer service requirements. Breach reportedly affects those who previously contacted customer support of the airline.
According to KLM, it explained that its internal systems remained safe and there was no impact on the incident. The IT safety team of IT airline, together with an external retailer, quickly dealt with protocols to violate and strengthen data protection protocols.
“This resulted in unauthorized access to customer data,” KLM spokesman said. “Our devotees, along with the third -party system involved, quickly took the necessary steps to deal with the situation and strengthen the protective measures to prevent it again.”
Regulators notified in the Netherlands and France
The incident was reported to relevant bodies, with KLM announced by the Dutch Data Protection Authority (Autoriteit Persoonsgevens) and Air France contacted the French Watchdog Cilo.
Although no critical financial or travel data have been issued, safety experts warn that the stolen information could be used to craft persuasion of phishing messages or fraudulent communication, the report said. KLM urges its customers to be particularly careful in taking unexpected e -mails or phone calls asking for personal data or selecting urgent measures.
This is not the first time KLM faces concerns about personal data protection. In December 2023, the Dutch broadcaster announced that the defect in the SMS system KLM allowed access to flight without proper verification. At the beginning of the same year, another violation of the Flying Blue program was similarly revealed by customer data.
KLM informs customers via e -mail
In communication with disabled customers, as shared by the flyer on X, the airline expressed its regret. Message, signed by Barry Ter Voert, the main KLM experience, read:
“We understand that this can cause concern, and deeply regret any inconvenience that it could have caused you.”
The affected individuals are encouraged to remain on the emergency room and report any suspicious activity to the KLM Contact Center.
(tagstotranslate) KLM Data Breach (T) Flying Blue Loyalty Program (T) Personal Data Exposure (T) Customer Support Platform (T) Data Protection Protocols (T) Flying Blue Data Leak (T) KLM (T) Flying Blue Program (T) KLM Cybersecurity Incident (T) KLM Privacy Issue (T) DC Data Protection Office (T) Alert
