American Airlines suffers data leak, sensitive info exposed

American Airlines has notified customers of a recent data breach after hackers compromised an undisclosed number of employee email accounts and gained access to sensitive personal information.

In notification letters sent on Sept. 16, the airline explained that it has no evidence that the exposed data was misused.

American Airlines disclosed the data breach on July 5, immediately secured the impacted email accounts, and hired a cybersecurity forensic firm to investigate the security incident:

In July 2022 we discovered that an unauthorized actor compromised the email accounts of a limited number of American Airlines team members.

Upon discovery of the incident, we secured the applicable email accounts and engaged a third party cybersecurity forensic firm to conduct a forensic investigation to determine the nature and the scope of the incident.

Personal information exposed in the hacker attack and potentially accessed by the attackers may have included:

Employees' and customers' names,
Dates of birth,
Home addresses,
Phone numbers,
Email addresses,
Driver's license numbers,
Passport numbers or certain medical information.

The other day, Starbucks reported its customer database was breached online, with local media reporting that 200,000 individual's information was stolen.