US aviation operator American Airlines recently notified its customers of a data breach, after malicious operators compromised an undisclosed number of email accounts belonging to its personnel and gained access to confidential personal information.

However, in its dedicated breach notification letters, the airline stated that it had no evidence that the personal data exposed was misused.

The operator is the largest airline in the world in terms of fleet size, with over 1,300 active aircraft, and employs more than 120,000 staff members while operating close to 6,700 flights each day to around 350 destinations located in more than 50 different countries.

Discovery of a data breach

American Airlines identified the breach back in July this year, and immediately secured the affected email accounts. It also hired an expert cybersecurity forensic firm to conduct an investigation of the security incident.

The airline explained:

“In July 2022 we discovered that an unauthorised actor compromised the email accounts of a limited number of American Airlines team members. Upon discovery of the incident, we secured the applicable email accounts and engaged a third-party cybersecurity forensic firm to conduct a forensic investigation to determine the nature and the scope of the incident.”

Personal data exposed in the cyberattack and accessed potentially by the threat operators may have included both customer’s and employees’ names, mailing addresses, dates of birth, phone numbers, driver’s license numbers, email addresses, private medical information, and passport numbers.

American Airlines stated that it would offer impacted customers a free two-year membership to Experian’s dedicated service IdentityWorks to assist with detecting instances of identity theft and resolution.

The airline commented that while it has no evidence of data misuse, it advised customers and employees to enrol in the credit monitoring services supplied by Experia. It added that data subjects should stay vigilant and regularly review their account statements and free credit reports.

Individuals impacted by the breach

American Airlines has not yet disclosed how many customers have been impacted by the breach, nor how many staff email accounts were penetrated during in the security incident.

Senior Manager for Corporate Communications at American Airlines, Andrea Koos, confirmed that the employees email accounts were compromised due to a malicious phishing campaign, However, no exact figure on the number of staff members and customers that were affected, was given. Koos commented simply that it involved a “very small number.”

The Senior Manager said that data security is always a top priority for American Airlines and added that it had offered its team members and customers precautionary support. Additionally, the airline has gone on record to say it is presently implementing further technical safeguards designed to stop a similar incident from taking place in the future.

The US airline also suffered a data breach last year in March, when the international air information technology giant SITA revealed that a team of hackers had breached its company servers and obtained access to the dedicated Passenger Service System (PSS) that is used by American Airlines and numerous airlines around the world.