Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
American Airlines and Southwest Airlines disclosed a data breach affecting pilots’ data on Friday, June 23. The incident was caused by an attack targeting Pilot Credentials, a third-party vendor that handles several airlines’ pilot selection and application platforms.
Details About the Data Breach
On April 30, the threat actor breached the Pilot Credentials’ systems and exfiltrated confidential documents from the pilot and cadet hiring process. Both American Airlines and Southwest Airlines found out about the incident on May 3 from the vendor’s representatives. The damage is contained to the third-party vendor’s systems and does not affect the networks of the two airlines.
American Airlines said that the data breach affected 5745 pilots and applicants, while Southwest indicated that a total of 3009 were compromised, according to breach reports sent on Friday to Maine’s Office of the Attorney General.
Additionally informing the appropriate law enforcement agencies of the breaches, American Airlines and Southwest Airlines are fully assisting them in their current investigation.
American Airlines revealed that the data exposed in the breach contained pilots’ personal information:
- Names
- Social Security Numbers
- Driver’s license numbers
- Passport numbers
- Dates of birth
- Airman Certificate Numbers
- Other government-issued identification number(s),”
“We are no longer utilizing the vendor, and, moving forward, Pilot applicants are being directed to an internal portal managed by Southwest,” Southwest Airlines said.
The airlines announced that from now on all pilots and cadets will use a self-managed internal portal instead of the vendor’s platform. Until now there is no evidence that the pilot’s data was the goal of this breach or that it was exploited in further cyberattacks.
Pas Years Breaches
American Airlines was affected by several breaches in the past. In July 2022, the company disclosed a phishing attack that compromised several staff email accounts.
As disclosed at the time, personal information exposed in the July 2022 breach may have included employees’ and customers’ names, dates of birth, mailing addresses, phone numbers, email addresses, driver’s license numbers, passport numbers, and/or certain medical information.
In September 2022, another data breach impacted over 1,708 American Airlines customers and team members. Furthermore, in March 2021 the organization was impacted by the SITA data breach that compromised the Passenger Service System (PSS) used by multiple airlines worldwide.
American Airlines has the world’s biggest fleet (over 1,300 aircraft), has more than 120,000 employees, and conducts almost 6,700 flights per day to about 350 destinations across more than 50 countries.
The largest low-cost airline in the world, Southwest Airlines operates out of more than 121 airports in 11 different countries and employs close to 70,000 people.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.
