Dutch airline KLM announced that customer personal data was leaked following a hack attack on the company's third-party partner's system. The company, which did not disclose the number of people affected, advised customers to exercise caution when contacting KLM via email.
According to information released by KLM, financial data such as credit card numbers, passport details, passwords, or booking details were not leaked. However, names, contact details, and the subject lines of previously sent customer service messages were revealed.
“We recommend being vigilant about messages containing personal information and being cautious about contacts that seem suspicious,” the airline wrote in a message to passengers.
They also warned against phishing attempts, i.e. attempts to obtain data through fake messages or phone calls.
Advertisement See also: Awaken your inner stock market bull! With us, it costs nothing to go overboard.
The incident was reported to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), which is required by law for privacy breaches.
It did not disclose which partner company was attacked or how long the unauthorized access to the system lasted. KLM said it had taken “all possible steps” with its service provider to prevent similar incidents in the future and to strengthen security.
In recent years, cybercriminals have increasingly used stolen data not only to disable systems (ransomware) but also for blackmail, threatening to publish sensitive information. In 2024, the number of such attacks in the Netherlands nearly doubled.
According to the Office for Personal Data Protection, the best method of protection remains minimizing the amount of data stored. “What you don't store, you can't steal,” experts remind us.
From Amsterdam Patryk Kulpok (PAP)
pmk/ szm/
