Data Breach Impacts American and Southwest Airlines: US Pilot Credentials Compromised

In a chilling reminder of the relentless threat posed by hackers and cybercriminals, not even the aviation industry is safe from their clutches. Recent reports have shed light on a grave security breach, as unauthorized individuals gained access to vital pilot credentials within two prominent American aviation companies.

The far-reaching impact of this breach serves as a stark warning to businesses across all domains: no data is safe from the clutches of malicious actors. 

This blog will dive deeper into the US pilot credentials hack and discuss a potential solution to avoid such attacks.

What Is the US Pilot Credentials Hack All About?

Earlier in May, two major players in the US aviation industry: American Airlines and Southwest Airlines, were notified of the pilot credential leak incident. However, it was limited to the airlines' third-party vendor systems for managing pilot applications and recruitment portals and didn't impact the airlines' systems or networks. 

Based on the available information, an unauthorized individual accessed the pilot credential systems and stole the documents containing applicant information.

According to the breach notifications filed with Maine's Attorney Journey, 5,745 pilots and applicants were impacted, while Southeast Airlines reported as 3,009. 

After investigation, American Airlines revealed they found the stolen data included the following information: 

  • Name
  • Social Security Number
  • Driver's License Number
  • Passport Number
  • Date of Birth
  • Airman Certificate Number 
  • Other Government Issued Identification numbers

As a result of this data breach, the Airlines plan not to use the vendor and direct the cadet and pilot applicants to their internal portals from now on. However, no evidence states that the pilot applicants' personal information was exploited or targeted for identity theft or fraud.

Both Southwest and American Airlines have notified the respective authorities regarding the breach and are cooperating with the ongoing investigation.

What Other Types of Attacks Are Common in the Aviation Industry?

While all sorts of scams, such as phishing and fake websites, are common, mobile app-based attacks are becoming more popular. Cybercriminals leverage loopholes in mobile apps that customers and the aviation staff use to gain authorized access to the data.

Take the example of a major South East Asian airline. This airline operates across the Middle East, North America, Australia, and South Asia and facilities passenger travel and cargo.

The airline faced two types of attacks on its mobile applications: manipulation and credential stuffing. 

Attackers carried out large-scale credential stuffing attacks, compromising nearly 1000 customer accounts in a single day. Since many users reuse passwords across multiple applications, stolen credentials could grant access to sensitive information stored on 3-5 websites, including social security numbers and debit/credit card details.

During these attacks, if an attacker made numerous unsuccessful login attempts on a customer's account, the legitimate customer would unintentionally get locked out of their account. This security breach required customers to contact customer support to reactivate their accounts by verifying their last accessed location. This consequence of credential stuffing attacks placed a burden on customer service and led to customer dissatisfaction, which was deemed unacceptable by the airline.

Fortunately, the airlines took the right decision and contacted Appknox. By creating a defensive environment and simulating attack scenarios, they were able to safeguard sensitive assets and private data, ultimately saving over $500,000 in just one year.

With our automated mobile app security platform, the airline could identify more loopholes, security, and compliance issues compared to the previous vendor they were using and strengthen their security.

In addition to enabling the airline to enhance its security posture, Appknox also helped them shorten its SDLC and release mobile apps more quickly. Thanks to the automated testing functionality, which saves a substantial amount of time.

How Can Businesses in the Aviation Industry Avoid Data Breaches?

One of the best ways to prevent data breaches is to find a reliable third-party vendor. Here's what to look for when choosing one:

  • Reputation: Regardless of what you're hiring the third-party vendor for, you should always look for vendors with a good reputation. The more experienced and reputed they are, the lesser the chances of them compromising your data.
  • Compliance: Ensure the vendor complies with all respective security laws and regulations stated by the TSA or ICAO.
  • Cybersecurity Capabilities: Considering the rise of cybersecurity threats in the aviation industry, you must check the cybersecurity capabilities of your vendor. Ideally, they should have fraud prevention solutions to tackle any potential attacks. 
  • Data Management and Privacy: The vendor handled confidential pilot data in the abovementioned data breach. And it's likely your vendor will also deal with similar data. So, robust data management systems should be in place that handle data in a secure manner.
  • Case Studies: Ask the vendor to provide case studies to determine how they helped previous buyers. You can also contact the vendor's previous customers for an unbiased review.

Selecting the correct third-party vendor can significantly minimize the likelihood of your data being compromised. However, have you considered the potential risks posed by insecure mobile apps? In that case, you can rely on automated security experts like Appknox!

Appknox's VAPT security solution offers both manual and automated vulnerability assessment and penetration testing enabling you to deliver secure apps faster than ever. 

Once the test is complete, you get a detailed report of vulnerability exploring each vulnerability's root cause. Additionally, you can contact Appknox's security professionals for consultation and remediation if you encounter any difficulties.

In a nutshell, Appknox helps you identify any loopholes or vulnerabilities in your mobile app and mitigate the risk before any hacker exploits it.


Whether you're a business in gaming, food, pharma finance, supply chain, or the aviation industry, you're constantly at risk of data breaches or cyber-attacks. 

While nothing guarantees 100% protection, you can drastically reduce the likelihood of any attack or data breach by enhancing your security posture. And fortunately, it's not that hard. Just be careful when looking for vendors who'll be exposed to your business data and leverage modern security solutions like Appknox.

Book a free trial with Appknox to discover how we enhance the security of your mobile apps!

Published on Jul 12, 2023
Subho Halder
Written by Subho Halder
Subho Halder is the CISO and Co-Founder of Appknox. He started his career researching Mobile Security. Currently, he helps businesses to detect and fix security vulnerabilities. He has also detected critical loopholes in companies like Google, Facebook, Apple, and others


Chat With Us

Using Other Product?

Switch to Appknox

2 Weeks Free Trial!

Get Started Now