American Airlines Hacked – Email Accounts Compromised to Gain Personal Data Access

After hackers compromised an undisclosed number of employee email accounts and accessed sensitive personal information, American Airlines has informed its customers that they have been the victim of a recent data breach.

It was revealed via notification letters that were sent to customers that the airline did not have any clue regarding the exposure and exploitation of the data.

On July 5th, American Airlines discovered that they had been hacked. Following the security breach, their immediate response was to secure the impacted email accounts the minute they became aware of it. 

Further, the company has also sought the assistance of a cybersecurity forensics firm in order to conduct an investigation into the security breach.

Exposed Personal Information

This attack may have exposed employees’ and customers’ personal information that could have been accessed by the threat actors as a result of the attack.

While here below we have mentioned the data that may have been exposed by the threat actors:-

• Names
• Dates of birth
• Mailing addresses
• Phone numbers
• Email addresses
• Driver’s license numbers
• Passport numbers
• Certain medical information

There has also been a statement by the airline offering free two-year memberships to Experian’s IdentityWorks to affected customers to assist them in dealing with identity theft issues.

Moreover, American Airlines strongly recommended users that they should monitor their free credit reports and frequently review their account statements to remain alert.

Affected Individuals are Few

Currently, the number of customers affected by the incident and the number of email accounts that have been breached by the issue have not been disclosed by the company.

A phishing campaign was used in order to compromise the accounts of the employees. However, the company refused to provide information on how many clients were affected or how many employees were affected.

Here’s what the Sr. Manager for Corporate Communications of American Airlines, Andrea Koos stated:-

“A limited number of team members’ emails were accessed by an unauthorized phishing campaign. There was just a small amount of personal information on customers and employees contained in these email accounts, which was not very large.”

What is American Airlines Doing?

In addition to operating around 6,700 flights a day to about 350 destinations in over 50 countries, American Airlines is the largest airline by fleet size in the world, serving more than 1,300 aircraft on its mainline, and it employs more than 120,000 people.

Currently, the company has claimed that they are working on adding more technical safeguards to their existing system to avoid a future occurrence of such an event.

Download Free SWG – Secure Web Filtering – E-book