American Airlines notified its clients on Friday, September 16th, that they have been the victims of a cyberattack after a number of employees’ email accounts were compromised.

The airline explained in its notification letter that it has no evidence the exposed data was misused.

What Happened?

American Airlines discovered that in July 2022 an unauthorized actor compromised the email accounts of a limited number of team members. The airline took immediate measures and secured the impacted accounts. A cybersecurity forensic firm was hired to investigate the security incident.

The attacker gained access to personal information of the customers such as names, dates of birth, residences, phone numbers, passport numbers, and/or certain medical information provided to the airline.

Although we have no evidence that your personal information has been misused. In addition, you should remain vigilant, including by regularly reviewing your account statements and monitoring free credit reports.


To compensate for the incident, American Airline said it will provide the affected customers and employees with support to detect and prevent future cases of identity theft.

How Many Were Affected?

The company has not disclosed the number of affected customers as of yet, or how many email addresses have been compromised during the attack.

In order to learn more about the incident, BleepingComputer contacted American Airlines’ Senior Manager for Corporate Communications, Andrea Koos. The official admitted that a phishing attack led to the accounts’ compromise, but refused to disclose the number of affected individuals.

American Airlines is aware of a phishing attack that led to the unauthorized access to a limited number of team member mailboxes. A very small number of customers and employees’ personal information was contained in those email accounts.


Even if there is no proof of data misuse, the airline provided staff and customers with precautionary support because “data security is of the utmost importance” to them. American Airlines is implementing additional protection technology in place to ensure that a situation like this doesn’t happen again.

If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.

The Most Relevant Ransomware Statistics and Facts of 2022

Phishing attacks explained: How it works, Types, Prevention and Statistics

Outspread SITA Security Breach Exposes More Airlines [Updated]

How to Prevent Identity Theft With 20 Essential Steps [Updated]

Leave a Reply

Your email address will not be published. Required fields are marked *