🚨 Data Breach Alert‼️ KLM (klm.com) and Air France (airfrance.com) have disclosed a data breach stemming from a customer service provider. The compromised data appears to be limited to travelers who previously contacted customer service, and includes: first and last names, phone numbers, email addresses, Flying Blue (frequent flyer program) numbers and status, and the subject of support tickets. Sensitive data such as passwords and travel dates were not affected. KLM and Air France’s own systems were not impacted. The two airlines join a growing list of organizations in the aviation sector targeted this year. Earlier breaches have been confirmed by Qantas (qantas.com), Cathay Pacific (cathaypacific.com), Hawaiian Airlines (hawaiianairlines.com), WestJet (westjet.com), Cyprus Airways (cyprusairways.com), South African Airways (flysaa.com), GlobalX Air (globalairlinesgroup.com), and NetJets (netjets.com). Elit'Avia (elitavia.com), Wizz Air (wizzair.com), and Corporate Flight Inc. (corporateflight.com) have been claimed to be breached by the Qilin, Stormous, and Lynx ransomware gangs, respectively. Qilin also claimed an earlier attack this year on an airport management company - Malaysia Airports Holdings Berhad (malaysiaairports.com.my), which was confirmed by the country’s prime minister, Anwar Ibrahim. Kintetsu World Express, a Tokyo-based air freight provider, confirmed it had fallen victim to a ransomware attack by an unidentified threat actor. The Silent Crow and CyberPartisans BY hacker groups claimed responsibility for the recent cyberattack on Russian flag carrier Aeroflot (aeroflot.ru), which caused operational disruptions and flight cancellations. Source: techzine.eu/news/security/13…

"This data leak should never have happened.' Shadow defence secretary James Cartlidge reacts after it was revealed thousands of Afghans are being relocated to the UK after the personal data of those who supported the British military were leaked. trib.al/T3mz2c3