Hacker targets American Airlines
American Airlines on Tuesday confirmed a data breach that affected a “small number” of customers and employees.
A template notification to affected customers dated Sept. 16 and sent to Montana state officials indicated the company learned in July 2022 that an unauthorized actor compromised a limited number of employees’ email accounts that contained personal information.
- “American Airlines is aware of a phishing campaign that led to the unauthorized access to a limited number of team member mailboxes,” the airline said in a statement. “A very small number of customers and employees’ personal information was contained in those email accounts.”
- “While we have no evidence that any personal information has been misused, data security is of the utmost importance and we offered customers and team members precautionary support,” the statement continued. “We are also currently implementing additional technical safeguards to prevent a similar incident from occurring in the future.”
The company said it hired a cybersecurity firm to investigate the incident and found the information may have included customers’s names, dates of birth, mailing addresses, phone numbers, emails, driver’s license numbers, passport numbers and medical information provided to the airline.