American Airlines, largest airline in the world hacked via social engineering

After attackers hacked an unknown number of staff email accounts and obtained access to highly sensitive personal data, American Airlines informed consumers of a recent data breach.

American Airlines, which has more than 120,000 personnel and the largest fleet in the world, runs almost 6,700 flights every day to around 350 destinations in more than 50 countries.

The airline noted in notice letters distributed on Friday, September 16th, that there is no proof that the disclosed data was abused.

The hack was detected on July 5th by American Airlines, which then swiftly protected the affected email accounts and recruited a cybersecurity forensics company to look into the security problem.

Names, dates of birth, postal addresses, phone numbers, email addresses, driver’s license numbers, passport numbers, and/or specific medical information of workers and customers may have been exposed in the incident and subsequently accessible by threat actors.

The airline said that it will provide complimentary two-year memberships to Experian’s IdentityWorks to impacted clients to assist in the discovery and resolving of identity theft.

The business has not yet revealed how many consumers were impacted by the issue or how many email accounts were compromised. American Airlines is aware of a phishing attempt that resulted in a small number of team members’ mails being accessed without authorization. These email accounts had a relatively tiny amount of customers’ and employees’ personal information.

SITA, a leading provider of aviation information technology, said that hackers broke into its systems in March 2021 and obtained access to the Passenger Service System (PSS), which is utilized by several airlines across the world, including American Airlines.