American Airlines suffers cyberattack that exposed user data

American Airlines, based in Fort Worth, Texas, said hackers had cracked some employee email accounts and gained access to the personal information of a very small number of customers and employees, but declined to say how many.

According to Montana law enforcement officials, the airline told customers that the breach was discovered in July and that it had disabled the compromised accounts and hired a cybersecurity firm to conduct an investigation.

Although there is no evidence that the attackers misused personal information, the information in the compromised email accounts may have included their date of birth, driver’s license and passport numbers, as well as medical information they provided to the airline.

“American Airlines is aware of a phishing campaign that resulted in unauthorized access to a limited number of team member mailboxes,” said Curtis Blessing, a spokesman for the airline.

The compromised email accounts contained very little personal information about customers and employees. Blessing also stated that American Airlines is taking additional technical precautions to prevent a similar incident in the future.

The affected customers were offered two years of identity theft protection.

The sources for this piece include an article in NPR.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web