American, United Airlines Hacked: Thieves Hack Into Thousands Of Customer Accounts For Free Flights

In the middle of a unsettling hacking trend as 2015 begins, news has just emerged that American Airlines and United Airlines have been hacked.

The Associated Press reports via USA Today that thieves managed to obtain passwords of 10,000 customer accounts and use their frequent flier miles. Word got out Monday about the hackers when the airlines began emailing several thousand customers who were affected by the breach.

Cyber attackers broke into accounts so they could steal miles, book flights, and arrange upgrades. Some accounts with American Airlines were frozen and those customers were issued new AAdvantage frequent-flier numbers.

The American Airlines and United Airlines hacking occurred in December.

United spokesman, Luke Punzenberger, says that hackers were able to access about three dozen accounts and make fraudulent transactions with customers’ MileagePlus miles. The airline informed victims of the breach that they would restore their stolen miles. Punzenberger further says that United is now requiring all customers enter their MileagePlus numbers when logging into their accounts.

American spokeswoman, Martha Thomas, says that 10,000 accounts were affected, but it wasn’t specified if that was the number of accounts with unauthorized transactions. The airlines are offering to pay for a credit-watch service for customers whose accounts have been compromised, Thomas tells Associated Press.

AP adds in its report that when news got out about the security breach, the two airlines “were quick to say that nobody hacked their systems — that thieves got usernames and passwords somewhere else and tried to use them to log into American’s AAdvantage and United’s MileagePlus, hoping that the log-in information would be the same. They said that other information such as entire credit-card numbers was not exposed.”

It’s unknown how hackers accessed customer usernames and passwords to log into their accounts to steal miles.

Delta has already started preventative measures in avoiding hacking by having customers use longer, more complicated passwords versus 4-digit passwords. reports in-depth that the airline detected an attempt of fraudulent activity late last year. Delta’s spokesman, Anthony Black, says that none of the attempts were successful as far as the airline knows.

A spokeswoman for Southwest Airlines doesn’t report seeing any suspicious work of hackers during that time.

Due to American Airlines and United Airlines being hacked, it’s almost certain that airlines will require more stringent information from customers in order for them to access their accounts.

[Photo Credit: Getty Images via ABC News]