Cybersecurity

American Airlines confirms data breach

FILE -American Airlines passenger jets prepare for departure, Wednesday, July 21, 2021, near a terminal at Boston Logan International Airport, in Boston. Airlines facing a pilot shortage are boosting pay. The CEO of American Airlines said Thursday, June 30, 2022 that his airline has offered to raise pilot wages by nearly 17% through the end of 2024.(AP Photo/Steven Senne, File)

American Airlines on Tuesday confirmed a data breach that affected a “small number” of customers and employees.

A template notification to affected customers dated Sept. 16 and sent to Montana state officials, indicated the company learned in July 2022 that an unauthorized actor compromised a limited number of employees’ email accounts that contained personal information.

“American Airlines is aware of a phishing campaign that led to the unauthorized access to a limited number of team member mailboxes,” the airline said in a statement. “A very small number of customers and employees’ personal information was contained in those email accounts.”

“While we have no evidence that any personal information has been misused, data security is of the utmost importance and we offered customers and team members precautionary support,” the statement continued. “We are also currently implementing additional technical safeguards to prevent a similar incident from occurring in the future.”

The company said it hired a cybersecurity firm to investigate the incident and found the information may have included customers’s names, dates of birth, mailing addresses, phone numbers, emails, driver’s license numbers, passport numbers and medical information provided to the airline.

American is providing affected customers with a complimentary two-year membership to an identity theft protection service, although it said the actions were being taken out of an “abundance of caution.”

“Although we have no evidence that your personal information has been misused, we recommend that you enroll in Experian’s credit monitoring,” the airline wrote in the notification. “In addition, you should remain vigilant, including by regularly reviewing your account statements and monitoring free credit reports.”

Tags airlines american airlines American Airlines data breach Data breach phishing campaigns
See all Hill.TV See all Video