American Airlines data breach linked to phishing campaign

BleepingComputer reports that American Airlines has confirmed that it was breached after being targeted by a phishing attack leveraging an employee's compromised Microsoft 365 account. Numerous American Airlines employees also had their accounts accessed by attackers, which were then leveraged to deliver more phishing emails to other targets, American Airlines found in its investigation. "Through its investigation, American was able to determine that the unauthorized actor used an IMAP protocol to access the mailboxes. Use of this protocol may have enabled the unauthorized actor to sync the contents of the mailboxes to another device," said American Airlines in a legal notice. While American Airlines Senior Manager for Corporate Communications Andree Koos did not specify the number of impacted individuals, the data breach was reported in a filing with the Office of the Maine Attorney General to have affected 1,708 customers and team members. "Although we have no evidence that your personal information has been misused, we recommend that you enroll in Experian's credit monitoring," American Airlines added.