Air France-KLM Hack Underscores Common Tactics to Watch Out For
On August 6, Air France and KLM issued a public disclosure announcing that customer data had been compromised following a security incident involving a third-party service provider used by their customer contact centers. The airline group confirmed that personal details such as names, email addresses, phone numbers, frequent flyer numbers, and customer service message metadata were exposed.
Crucially, no passwords, payment information, or ID documents were affected, according to official statements. This breach represents a textbook case of third-party risk, highlighting the vulnerability of organizations that rely on external vendors like CRM systems, ticketing services, or marketing tools.
The breach also underscores the importance of securing relationships, data flows, and human behaviors that surround them. In 2025, being secure means more than just securing systems; it requires a comprehensive approach to cybersecurity that takes into account the entire digital supply chain.
Third-Party Risk: A Growing Concern
The incident involving Air France and KLM is not an outlier but an example of how vulnerable modern organizations have become, even those with significant resources, to widely known but highly effective intrusion techniques. Attackers are increasingly exploiting the human element and targeting the digital supply chain.
According to the PYMNTS Intelligence August 2025 Certainty Project report, "Vendors and Vulnerabilities: The Cyberattack Squeeze on Mid-Market Firms," widespread fears about social engineering targeting payments exist among mid-market firms, with 87% of them at least somewhat concerned. B2B cyber audits can help organizations assess their security posture, identify vulnerabilities, and build trust with partners and clients.
The Human Element: A Persistent Threat
Phishing via look-alike login portals remains a persistent threat. In these attacks, users are directed to fake login pages designed to replicate legitimate services, often via email, SMS, or compromised chat platforms. Once credentials are entered, attackers use them to access corporate systems or third-party SaaS platforms.
A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas was tied by Google researchers to a hacker group using voice phishing attacks to steal data from Salesforce CRM instances. Threat actors are also now commonly using search engine optimization (SEO) poisoning to place malicious pages near the top of search results.
The Extended Enterprise: A New Frontier in Cybersecurity
In a globally interconnected economy, the traditional fortress model of cybersecurity has become obsolete. The "perimeter" now encompasses not just a company's own systems but every partner, platform, and subcontractor touching its data.
Attackers increasingly combine technical compromise with psychological manipulation, using tactics such as phishing, social engineering, and voice phishing to gain access to corporate systems. This approach is known as the "extended enterprise," where the old perimeter model has been replaced by an intricate web of shared connections.
A Business Risk, a Customer Trust Issue, and Regulatory Survival
Cybersecurity is no longer an IT-only function; it is a business risk, a customer trust issue, and in some sectors, a matter of regulatory survival. CISOs are finding new allies in CFOs and COOs who increasingly see security investments as risk mitigation for business continuity.
Mitigating Risk Requires Both Technology and Governance
Mitigating this risk requires both technology and governance: rigorous vendor vetting, contractual clarity, continuous monitoring, and a corporate culture that treats security as a shared responsibility. The PYMNTS Intelligence report "The AI MonitorEdge Report: COOs Leverage GenAI to Reduce Data Security Losses" found that the share of chief operating officers (COOs) who said their companies had implemented AI-powered automated cybersecurity management systems leapt from 17% in May 2024 to 55% in August.