Skip to content
Data breachOngoing

1,042 Airclaim customers affected by a claimed data leak

On 8 March 2026, a threat actor put a 121 GB database from flight-compensation platform Airclaim up for sale on a hacker forum, claiming 55,867 affected passengers — including 1,042 French nationals — with scanned passports, signatures and boarding passes exposed.

Victim
Airclaim
records
55.9K

On 8 March 2026, Airclaim — an EU flight-compensation platform that helps air passengers claim refunds for delayed and cancelled flights — was named in a breach listing after a threat actor advertised a 121 GB database of its customers for sale on a major hacker forum. The actor claimed exclusivity, offering the dump to a single buyer to preserve its resale value.

The seller put the number of affected passengers at 55,867, drawn mainly from Romania (about 22,651), Spain (about 5,836) and Italy (about 5,190); roughly 1,042 of the records belonged to French nationals. Because Airclaim's service requires customers to upload identity and travel documents to substantiate a claim, the exposed set is unusually rich for identity fraud.

The data on offer reportedly includes:

  • Scanned passports and handwritten signatures
  • Scanned boarding passes, flight numbers, dates and booking references
  • Full names, home addresses, phone numbers and email addresses
  • Full claim narratives and flight/airline details

Analysts described the combination as a ready-made "document kit" suitable for KYC bypass at financial institutions and for hyper-targeted phishing built around victims' real flight histories. As of disclosure the listing was active and the claim had not been publicly confirmed by Airclaim; the breach therefore remains unverified and ongoing.

Sources

  1. fuitesinfos.frhttps://fuitesinfos.fr/article/2026-03-08-airclaim
  2. frenchbreaches.comhttps://frenchbreaches.com/blog/airclaim-un-hacker-revendique-la-fuite-de-55-000-passeports-et-documents-de-passagers
  3. brinztech.comhttps://www.brinztech.com/breach-alerts/brinztech-alert-alleged-database-of-airclaim-com-on-sale/

Related incidents

Data breachOngoing

Leak at Interrail

A December 2025 cyberattack on Eurail B.V., operator of the Interrail and Eurail rail passes, exposed personal data of roughly 308,000 travellers — including names, contact details, dates of birth and passport numbers — which by 2026 was being sold on the dark web.

Victim
Interrail
Records
308.8K
Data breachContained

Data leak at Mingat

On 19 March 2026, French vehicle-rental company Mingat confirmed a data leak affecting its customers, notifying them of a security incident that exposed personal information held in its rental records.

Victim
Mingat
Data breachContained

3,600 Gustave-Auto customers affected by a claimed data leak

Gustave-Auto, a French automotive services platform (vehicle convoyage, fleet management and repairs), disclosed in February 2026 that an access anomaly exposed partner data — names, postal and email addresses, phone numbers, IBAN/BIC banking details and SIRET/VAT numbers — with a tracker claim citing around 3,600 records.

Victim
Gustave-Auto
Records
3.6K