Overview

• Air France-KLM detected unauthorized activity on a third-party contact-center platform on August 6 and swiftly ended the intrusion.
• The airline confirmed no payment, passport or travel booking data was compromised during the breach.
• Exposed customer records included names, contact details, Flying Blue account numbers and the subjects of email inquiries.
• The incident has been reported to France’s CNIL in accordance with EU data-protection regulations.
• Affected customers are being notified individually and advised to watch for potential phishing or identity-theft attempts.