Sunday , July 7 2024

Again! Two big airlines disclosed data breaches

infosecbulletin Sunday , June 25 2023 Data Breach, International

American Airlines and Southwest Airlines, two of the largest airlines in the world, disclosed on Friday that their data had been breached. The breach was caused by a hack of Pilot Credentials, a third-party vendor that manages pilot applications and recruitment portals for multiple airlines.

The breach affected 5745 pilots and applicants at American Airlines and 3009 at Southwest Airlines. The stolen information included names, Social Security numbers, driver’s licenses, passports, dates of birth, and Airman Certificate numbers.

RockYou2024: Massive 10-Billion Password Leak

By infosecbulletin / Sunday , July 7 2024
A huge collection of passwords, containing almost ten billion unique passwords, was leaked on a popular hacking forum. The Cybernews...
Read More
RockYou2024: Massive 10-Billion Password Leak

ISPC first get together held with a festive look

By infosecbulletin / Sunday , July 7 2024
First get together of information security professionals community (ISPC) was held at Dhaka with a festive look with the participation...
Read More
ISPC first get together held with a festive look

ISACA Dhaka chapter election
Iqbal hossain president, Azad secretary for ISACA Dhaka chapter

By infosecbulletin / Saturday , July 6 2024
Mohammed Iqbal Hossain has been elected as the president of ISACA Dhaka chapter and Md. Abul Kalam Azad has been...
Read More
ISACA Dhaka chapter election Iqbal hossain president, Azad secretary for ISACA Dhaka chapter

Emerging Eldorado ransomware focuses on Windows, VMware ESXi VMs

By infosecbulletin / Saturday , July 6 2024
A new ransomware named Eldorado appeared in March and has locker versions for VMware ESXi and Windows. The gang has...
Read More
Emerging Eldorado ransomware focuses on Windows, VMware ESXi VMs

OVHcloud faces record 840 million DDoS Attack Using MikroTik Routers

By infosecbulletin / Friday , July 5 2024
French cloud computing firm OVHcloud recently handled the largest DDoS attack in terms of packet rate. This attack occurred during...
Read More
OVHcloud faces record 840 million DDoS Attack Using MikroTik Routers

New report; Polyfill[.]io Attack Impacts Over 380,000 Hosts

By infosecbulletin / Friday , July 5 2024
The web development community was affected by a supply chain attack on the popular Polyfill.io JavaScript library last week. Polyfill.js...
Read More
New report; Polyfill[.]io Attack Impacts Over 380,000 Hosts

Apache HTTP Server Update Patches Critical Source Code Disclosure Flaw

By infosecbulletin / Friday , July 5 2024
Apache Software Foundation released Apache HTTP Server version 2.4.61 to fix a serious source code disclosure vulnerability (CVE-2024-39884). This flaw...
Read More
Apache HTTP Server Update Patches Critical Source Code Disclosure Flaw

Microsoft Uncovers Flaws in Rockwell Automation PanelView Plus

By infosecbulletin / Thursday , July 4 2024
Microsoft's cybersecurity team found two major vulnerabilities in Rockwell Automation's PanelView Plus, a widely used human-machine interface in industrial settings....
Read More
Microsoft Uncovers Flaws in Rockwell Automation PanelView Plus

Researchers detect 28 new Ransomwares in June

By infosecbulletin / Thursday , July 4 2024
Cybersecurity experts found 28 new types of ransomware in June. These malicious programs are a big threat to individuals and...
Read More
Researchers detect 28 new Ransomwares in June

Vote for DHAKA, Vote for ISACA at 6 July

By infosecbulletin / Wednesday , July 3 2024
ISACA Dhaka Chapter election is going to be held on Saturday (6 July) 2024. This year 23 candidates will fight...
Read More
Vote for DHAKA, Vote for ISACA at 6 July

American Airlines and Southwest Airlines said that there is no evidence that the stolen information has been used for fraudulent or identity theft purposes. However, the airlines are no longer using Pilot Credentials and are directing all pilot and cadet applicants to self-managed internal portals.

This is not the first time that American Airlines has been hit by a data breach. In September 2022, the airline disclosed that a phishing attack had compromised the personal information of over 1,700 customers and employees. And in March 2021, American Airlines was one of several airlines that was affected by a data breach at SITA, a global air information tech giant.

American Airlines is the world’s largest airline by fleet size, while Southwest Airlines is the world’s largest low-cost carrier. Both airlines have a combined workforce of over 190,000 people.

The data breaches at American Airlines and Southwest Airlines are a reminder of the importance of data security. Airlines collect a lot of personal information about their customers and employees, and this information is a valuable target for hackers. Airlines need to take steps to protect this information from unauthorized access.

Here are some additional details about the data breach:

  • The breach occurred on April 30, 2023.
  • The unauthorized individual gained access to Pilot Credentials’ systems by exploiting a vulnerability in the vendor’s software.
  • The stolen information was not encrypted, which made it easier for the attacker to access it.
  • American Airlines and Southwest Airlines have notified law enforcement of the breach and are cooperating with the investigation.

Check Also

isaka

Vote for DHAKA, Vote for ISACA at 6 July

ISACA Dhaka Chapter election is going to be held on Saturday (6 July) 2024. This …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2024, All Rights Reserved InfoSecBulletin