American Air Parent Says Worker Data Compromised

July 6, 2010

American Airlines parent company said July 2 that the personal information of about 79,000 retirees, former and current employees has been compromised after a hard drive was stolen from its Fort Worth, Texas, headquarters.

No customer data was affected. The data was held by the company’s pension department.

The drive contained images of microfilm files, which included names, addresses, dates of birth, Social Security numbers and a “limited amount” of bank account information. Some health insurance information may have also been included – mostly enrollment forms, but also details about coverage, treatment, and other administrative information.

The data spans a period from 1960 to 1995.

AMR also believes some of the employee files also contained information on beneficiaries, dependents and other employees from 1960 to 1995.

The company has sent letters to the people that were impacted by the breach. AMR is offering one year of free credit monitoring for those affected.

It has already stepped up protective measures at its headquarters, including increasing security and testing the vulnerability of its computers.

AMR said it’s still investigating the incident.