Unscrupulous individuals have managed to swipe KLM's customer data, detailing the specifics of what was pilfered and advice on how to respond.
In early August 2025, a data breach occurred involving KLM Royal Dutch Airlines, affecting some customers' personal data. The breach exposed names, contact details, Flying Blue loyalty program numbers, and tier levels, as well as subject lines of service request emails and remarks made by KLM customer service agents [1][2][3][4][5].
Fortunately, sensitive data such as passwords, payment card details, passport numbers, booking information, and Flying Blue Miles balances were not compromised. KLM and Air France, part of the same airline holding group, detected the unusual activity and quickly collaborated with the affected third-party provider to contain the breach, implementing corrective security measures to prevent recurrence [1][2][3][5].
The airlines have notified affected customers and reported the incident to the Dutch Data Protection Authority and other relevant regulators to comply with EU privacy laws. In response, KLM advises customers to be vigilant against phishing attempts or scam communications that may reference their Flying Blue membership or personal information [2][3][5].
Customers are recommended to treat any unexpected messages or calls urging urgent action or requesting personal data with suspicion. They should verify suspicious communications by contacting KLM through official channels and be especially cautious of social engineering attempts that could exploit the leaked non-sensitive personal information to increase credibility [2][3][5].
Cybersecurity reports suggest that the attack may be linked to a broader campaign targeting Salesforce customer relationship management (CRM) platforms via social engineering and phishing, possibly involving hacker groups like ShinyHunters or Scattered Spider, which have recently focused on the airline sector. The breach did not involve exploiting Salesforce’s system vulnerabilities but gaining unauthorized access through phishing tactics [5].
KLM understands the concern this may cause and deeply regrets any inconvenience. The airline continues to strengthen security in cooperation with the third-party provider and regulatory authorities, and customers are encouraged to stay alert to suspicious communication using personal information [6]. For questions or further assistance, customers can contact the KLM Customer Contact Center.
Sources: [1] KLM Press Release - Data Breach Announcement [2] KLM Customer Advisory - Phishing Risks [3] Dutch Data Protection Authority - KLM Breach Notification [4] Air France Press Release - KLM Data Breach [5] Cybersecurity Analyst Report - Salesforce CRM Targeted in Wide-Scale Breach [6] KLM Customer Contact Center Contact Information
- In the realm of data-and-cloud-computing, it's crucial for companies like KLM to continually enhance their cybersecurity measures to safeguard customers' personal information from attacks like the one experienced in August 2025.
- The recent cybersecurity issue at KLM underscores the importance of being vigilant against crime-and-justice activities, such as phishing and social engineering, especially when personal data, even non-sensitive ones, are leaked.
