Security News > 2022 > September > American Airlines discloses data breach after employee email compromise
American Airlines has notified customers of a recent data breach after attackers compromised an undisclosed number of employee email accounts and gained access to sensitive personal information.
American Airlines discovered the breach on July 5th, immediately secured the impacted email accounts, and hired a cybersecurity forensic firm to investigate the security incident.
"In July 2022 we discovered that an unauthorized actor compromised the email accounts of a limited number of American Airlines team members," the airline told affected customers [PDF].
"Although we have no evidence that your personal information has been misused, we recommend that you enroll in Experian's credit monitoring," American Airlines added.
American Airlines was also hit by a data breach in March 2021 when global air information tech giant SITA confirmed that hackers breached its servers and gained access to the Passenger Service System used by multiple airlines worldwide, including American Airlines.
As the world's largest airline by fleet size, American Airlines has more than 120,000 employees and operates almost 6,700 flights daily to roughly 350 destinations in over 50 countries.
News URL
Related news
- Dutch Police: ‘State actor’ likely behind recent data breach (source)
- Over 5,000 Fake Microsoft Notifications Fueling Email Compromise Campaigns (source)
- Comcast and Truist Bank customers caught up in FBCS data breach (source)
- Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
- Internet Archive hacked, data breach impacts 31 million users (source)
- Internet Archive data breach, defacement, and DDoS: Users’ data compromised (source)
- Fidelity Investments says data breach affects over 77,000 people (source)
- Fidelity Data Breach Exposes Data of Over 77,000 Customers (source)
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- Tech giant Nidec confirms data breach following ransomware attack (source)