From bleepingcomputer.com
American Airlines says its Cyber Security Response Team found out about a recently disclosed data breach from the targets of a phishing campaign that was using an employee’s hacked Microsoft 365 account.
As the airline said in filings with the Office of the New Hampshire Attorney General, after receiving these phishing reports, American’s CIRT discovered unauthorized activity in the company’s Microsoft 365 environment.
The investigation also revealed the attacker accessed multiple employees’ accounts (also compromised via phishing attacks) and used them to send more phishing emails to targets American has not yet disclosed.