Exploit: Business Email Compromise
Risk to Business: Moderate
American Airlines has filed a breach notice declaring that it has had a data breach that may have impacted personal data for about 1700 customers and employees. Bleeping Computer detailed the incident saying that the American Airlines Cyber Security Response Team found out the attack from the targets of a phishing campaign that was using an employee’s hacked Microsoft 365 account to send phishing messages. Reportedly, the attacker accessed multiple employees’ accounts via phishing and used them to send more phishing emails to additional targets that have not been named.
Individual Risk: Moderate
Employee or customer personal information exposed in the attack may have included employees’ and customers’ names, dates of birth, mailing addresses, phone numbers, email addresses, driver’s license numbers, passport numbers or certain medical information.
Stress on your Business:
Business email compromise can take many forms but it is always an expensive nightmare in the end.
How Sieve can help:
If you have ever received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft contact us at 414.238.2110 or at [email protected] and we will provide you with specific tools that protect you from today’s security risks.
