The personal details of thousands of pilot applicants for American Airlines and Southwest Airlines have been stolen after a data breach at recruitment software Pilot Credentials.
The two airlines first learned about the hack in May but have just alerted the over 8,000 people affected, the majority of which were applicants to American Airlines.
In a letter sent by the airline to those affected and filed with the Maine Attorney General’s office, the company said that it was cooperating with an investigation by law enforcement and would use an internal portal for pilot applications going forward, as is Southwest Airlines.
It said: “While we have no evidence to suggest that your information was targeted or misused for purposes of fraud or identity theft, we wanted to provide you with information about the incident and protective measures you can take.”
The information thought to have been gained by the hackers included the names, social security numbers, passport numbers, dates of birth and driver’s license numbers of those who had applied for pilot and cadet jobs.
According to the filings, the hack occurred on 30 April and affected 5,745 candidates for American and 3,009 candidates for Southwest.
Though the data breach only impacted a small part of the aviation industry, it is still notable for affecting both the world’s largest airline by fleet and the largest low-cost airline, especially after American Airlines suffered a similar hack last year.
The news will be especially unwelcome for American as it comes off a judicial ruling which stopped its partnership with JetBlue in the US northeast due to concerns from the Department of Justice that the alliance served as a “de facto merger”.
