Email Phishing Attack Revealed by American Airlines

Several passengers of American Airlines are being warned that their personal information might have been compromised as a result of threat actors getting access to employee email accounts. 
The airline said that a phishing attempt led to hackers gaining access to the mailboxes of a limited number of employees. The stolen email accounts held some consumers’ personal data. The airline noted in notice letters distributed on Friday, September 16th, that there is no proof that the disclosed data was misused.
The hack was detected on July 5th by American Airlines, which then swiftly protected the affected email accounts and recruited a cybersecurity forensics company to look into the security incident.
American Airlines had hired a cybersecurity forensics company to look into the incident. The inquiry revealed that unauthorized actors had obtained the personal information of both customers and workers. Although they did not say how many consumers were impacted, they did say that names, dates of birth, addresses, emails, phone numbers, passport numbers, and even certain medical information could have been exposed.
American Airlines issued the following statement to BleepingComputer by the Manager for Corporate Communications. “American Airlines is aware of a phishing campaign that resul

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article:

Liked it? Take a second to support IT Security News on Patreon!
Become a patron at Patreon!