Cybersecurity has suffered another blow as hackers have reportedly accessed personal information belonging to potentially hundreds of customers of KLM and Air France through a supply chain attack. This alarming breach was first unveiled in a report on KLM’s Dutch website, with a spokesperson from Air France-KLM confirming that the incident occurred during the week starting July 28, 2025.
An official statement provided to ITPro details that both airlines are currently investigating the unauthorized access to customer data. “Our IT security team identified unusual activity on a third-party platform utilized by our contact centers,” the spokesperson noted. Prompt corrective measures were implemented to mitigate the situation swiftly and effectively.
While the spokesperson assured that no sensitive information—such as passwords, travel details, Flying Blue Miles balances, passport data, or credit card numbers—was compromised, efforts are underway to prevent similar events in the future. The breach impacts only Air France and KLM customers, and the airlines are actively reaching out to those affected. Customers have been cautioned to remain vigilant regarding any suspicious communications in light of this incident.
Details on the compromised vendor have not been disclosed for security reasons. Nevertheless, KLM has escalated the issue to the Dutch data protection authority, the Autoriteit Persoonsgegevens, while Air France has notified its French counterpart, the CNIL.
In a related inquiry, ITPro reached out to the CNIL for further insights but had not received a response prior to publication.
The Growing Threat of Supply Chain Attacks
This incident underscores a troubling trend, as supply chain attacks have emerged as a prevalent strategy among cybercriminals. Research from security firm Checkmarx revealed that a staggering 63% of organizations reported being victims of such attacks within the last two years. Furthermore, 75% of companies utilizing open-source code expressed serious concerns regarding the security of their software supply chains.
In 2024, nearly all of the top 100 banks in the United States experienced third-party data breaches, closely resembling the attack on Air France-KLM. This vulnerability extends to fourth-party breaches, impacting organizations through their vendors’ vendors. The 2025 Global Third-Party Breach Report by SecurityScorecard emphasized that the Netherlands, where KLM is headquartered, ranks as one of the countries most susceptible to third-party breaches, second only to Singapore.
As this incident develops, businesses must remain alert to the evolving landscape of supply chain threats. Understanding the tactics and techniques outlined in the MITRE ATT&CK Framework can provide crucial insights. Potential tactics that may have been employed in this breach include initial access through compromised third-party service providers and subsequent privilege escalation to access sensitive customer data. By staying informed and vigilant, organizations can better protect themselves against similar threats.
ITPro will continue monitoring this situation and will provide updates as more information becomes available. Business owners are encouraged to prioritize their cybersecurity measures and to seek guidance on safeguarding against supply chain vulnerabilities.
