Security Affairs
Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

American Airlines disclosed a data breach

American Airlines disclosed a data breach, threat actors had access to an undisclosed number of employee email accounts. American Airlines recently suffered a data breach, threat actors compromised a limited number of employee email accounts. The intruders had access to sensitive personal information contained in the accounts, but the company’s data breach notification states that it is not aware […]

american airlines

American Airlines disclosed a data breach, threat actors had access to an undisclosed number of employee email accounts.

American Airlines recently suffered a data breach, threat actors compromised a limited number of employee email accounts.

The intruders had access to sensitive personal information contained in the accounts, but the company’s data breach notification states that it is not aware of any misuse of exposed data.

american airlines

The security breach was discovered on July 5th, the airline promptly adopted the measure to mitigate the incident and secure the impacted email accounts. Then American Airlines launched an investigation with the help of a leading cybersecurity forensic firm.

“In July 2022 we discovered that an unauthorized actor compromised the email accounts of a limited number of American Airlines team members. Upon discovery of the incident, we secured the applicable email accounts and engaged a third-party cybersecurity forensic firm to conduct a forensic investigation to determine the nature and the scope of the incident.” reads the data breach notification sent to the impacted customers (Source Bleeping Computer). “Our investigation determined that certain personal information was in the email accounts. We conducted a full eDiscovery exercise and determined some of your personal information may have been contained in the accessed email accounts. We have no evidence to suggest that your personal information was misused. Nevertheless, out of an abundance of caution, we wanted to provide you with information about the incident and protective measures you can take.”

Exposed data includes name, date of birth, mailing address, phone number, email address, driver’s license number, passport number, and/or certain medical information provided by the impacted individuals.

The company announced that it is implementing additional technical safeguards to prevent a similar incident from occurring in the future. American Airlines is offering a complimentary two-year membership of Experian’s IdentityWorksSM to protect the identity of the impacted users.

BleepingComputer reported that the employees’ accounts of American Airlines were compromised in a phishing campaign.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]