American Airlines AAdvantage frequent flyer miles breach: Should you be worried?

Ed Walsh

Photo by Ed Walsh

American Airlines, one of the San Francisco Bay Area's largest carriers, notified customers in its Aadvantage frequent flyer program Friday of a security breach that may have exposed customers' private data.

According to the Dallas Morning News, the hack was not directly involving American Airlines' Web site but to the outside company that manages its frequent-flyer data. It is not yet know how many customers were impacted by the hack.

In a letter to customers Russell Hubbard, Chief Privacy Officer, American Airlines wrote:

"We are informing you of a recent event that may have involved a limited amount of your AAdvantage® information.

"American Airlines was recently notified by SITA, an information technology company that provides services to many international carriers, that SITA suffered a data security incident involving a limited amount of AAdvantage loyalty data residing on SITA’s passenger service system (SITA PSS). Importantly, the incident did not result in the compromise of any AAdvantage account passwords or financial information that may be stored in your AAdvantage account. American’s systems were not involved in this incident. 

"American is not a customer of SITA PSS. However, the incident did impact certain AAdvantage loyalty data as some of our airline partners store loyalty data in SITA PSS. We exchange a limited set of frequent flyer loyalty data with our airline partners to ensure recognition of our AAdvantage members’ loyalty status when traveling. 

"We have confirmed with SITA that your name, elite status, and AAdvantage number may have been affected by the incident. While American has no evidence that your AAdvantage information has been misused, we wanted to alert you of this incident. 

"As a best practice, we recommend you update your AAdvantage password regularly and use complex and unique passwords. While we do not believe your account is at risk, if you would like to reset your AAdvantage password as a precaution, you can reset your password here.

"We apologize for any inconvenience this may cause you and remain committed to the protection of your personal information."

Although the news is alarming, it appears that the breach of that Aadvantage frequent flyer data was limited. But you may want to change your password and closely monitor your credit for any indication of identity fraud. Services such as CreditKarma can alert you to suspicious activity.

The hack is the last thing the struggling airline industry needs right now. If you believe your data is being used by any unauthorized person, you may want to initiate a credit freeze. You must freeze your credit at three credit bureaus: Equifax, Experian and TransUnion. Consumer advocate Clark Howard offers information on freezing your credit in this step-by-step guide.

In a statement about the hack, SITA's wrote:

"SITA confirms that it was the victim of a cyber-attack, leading to a data security incident involving certain passenger data that was stored on SITA Passenger Service System (US) Inc. servers. Passenger Service System (US) Inc. (“SITA PSS”) operates passenger processing systems for airlines.

"After confirmation of the seriousness of the data security incident on February 24, 2021, SITA took immediate action to contact affected SITA PSS customers and all related organizations.

"We recognize that the COVID-19 pandemic has raised concerns about security threats, and, at the same time, cyber-criminals have become more sophisticated and active. This was a highly sophisticated attack.

"SITA acted swiftly and initiated targeted containment measures. The matter remains under continued investigation by SITA’s Security Incident Response Team with the support of leading external experts in cyber-security.

"If you are the customer of an airline and have a Data Subject Access Request in relation to the handling of your personal data, this request must be made directly to that airline in accordance with GDPR and data protection legislation. SITA is unable to respond directly to any such request."

If you would like to be kept up to date on the American Airlines Aadvantage frequent flyer hack and other aviation news, be sure to hit the follow button and leave any comments below.

Comments / 0

Published by

News of interest impacting the San Francisco Bay Area and beyond.

San Francisco, CA

More from Ed Walsh

Comments / 0