Ransomware victim disclosure
← All victimsAir France & KLM
Claimed by Hunters International · listed 9 months ago
Status timeline
- ListedOct 3, 2025
- Data leakeddate unknown
At a glance
- Status
- Data leaked
- Country
- France
- Sector
- Transportation/Logistics
- Listed on leak site
- Oct 3, 2025
About the victim
AI dossier — public-source company profileAir France and KLM are two major international airlines operating under the Air France-KLM Group holding company, headquartered in France and the Netherlands respectively. Together they provide passenger and cargo services across major domestic and international routes worldwide. Their joint loyalty programme 'Flying Blue' serves millions of frequent flyers globally.
- Industry
- Commercial Aviation & Air Transport
- Employees
- 10000+
- Founded
- 1933
Attack summary
Severity: high — Data has been published by the threat actor against a major international airline operating at scale, with likely exposure of significant business and potentially customer PII data; however, no explicit confirmation of regulated medical or financial data at scale elevates this to critical.Hunters International claims to have attacked Air France & KLM and has published data (disclosed status: data_published), suggesting exfiltration of company data, though the specific volume and nature of exfiltrated files are not detailed in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Customer personal data
- Frequent flyer (Flying Blue) programme records
- Employee records
- Internal business documents
- Cargo and logistics data
Original description
AI-summarised, not from the leak postAir France & KLM is an international airline partnership under the parent company Air France-KLM Group. Based respectively in France and Netherlands, the airlines provide passenger and cargo services globally. Offering premium and economy services, they operate in major domestic and international routes. The brands stand for comfort, reliability, and customer service. The loyalty programme 'Flying Blue' rewards frequent flyers.
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

