American Airlines discloses data breach after phishing scam in employee email
The airline has confirmed that a recent data breach has compromised an undisclosed number of employee and customer email accounts, with hackers gaining access to sensitive personal information.
American Airlines data breach: What happened?
In a notification mail sent to affected users, American Airlines (A1G) (AAL) said that in July 2022, the airline discovered that an unauthorized ‘actor’ compromised the email of an undisclosed number of American Airlines (A1G) (AAL) team members.
American Airlines Senior Manager for Corporate Communications Andrea Koos told tech media outlet BleepingComputer that airline employees' accounts were compromised in a phishing campaign but refused to reveal how many customers and employees were affected, instead saying that it was a "very small number”.
"American Airlines (A1G) (AAL) is aware of a phishing campaign that led to unauthorized access to a limited number of team member mailboxes. A very small number of customers and employees’ personal information was contained in those email accounts," Koos said.
Koos added: "While we have no evidence that any personal information has been misused, data security is of the utmost importance and we offered customers and team members precautionary support. We are also currently implementing additional technical safeguards to prevent a similar incident from occurring in the future."
American Airlines data breach: What personal information was compromised?
Date of birth
Driver’s license number
Medical information provided
What is American Airlines doing about the data breach?
American Airlines (A1G) (AAL) said that it is implementing additional technical safeguards to prevent similar incidents occurring in the future. The airline said that while it has no evidence to suggest that the given information had been misused, it is offering affected users a two-year membership of Experian’s IdentityWorks as an ‘abundance of caution’.
What can American Airlines account holders do?
The airline recommended that affected users enroll in its complimentary IdentitiyWorks accounts, remain vigilant, and to regularly monitor account statements.
Pilot sues Southwest Airlines after captain exposed himself mid-flight: AP
A Southwest Airlines pilot is suing the airline, her union and an ex-colleague after the co-worker locked the cockpit do...
Hong Kong to give away 500,000 air tickets to lure tourists back to the island
Hong Kong is giving away 500,000 free airline tickets in an attempt to lure tourists back to the island after more than...
Pilots strike forces Eurowings Germany to cancel hundreds of flights
Eurowings Germany is facing operational challenges after one-day pilots strike caused the budget airline to cancel hundr...
Six months detention: Canadian flight crew still detained in Dominican Republic
Pivot Airlines crew members are still detained in the Dominican Republic six months after finding and reporting drugs on...