{"id":117738,"date":"2025-10-19T03:00:00","date_gmt":"2025-10-18T21:30:00","guid":{"rendered":"https:\/\/aviationa2z.com\/?p=117738"},"modified":"2025-10-19T02:18:16","modified_gmt":"2025-10-18T20:48:16","slug":"american-airlines-largest-regional-subsidiary-suffers-data-breach","status":"publish","type":"post","link":"https:\/\/aviationa2z.com\/index.php\/2025\/10\/19\/american-airlines-largest-regional-subsidiary-suffers-data-breach\/","title":{"rendered":"American Airlines&#8217; Largest Regional Subsidiary Suffers Data Breach"},"content":{"rendered":"\n<p><strong>IRVING-<\/strong> <a href=\"https:\/\/aviationa2z.com\/index.php\/tag\/envoy-air\/\">Envoy Air (MQ)<\/a>, American Airlines&#8217; largest regional subsidiary, has confirmed a cybersecurity incident involving its Oracle E-Business Suite data after the Clop ransomware group listed American Airlines on its leak site.<\/p>\n\n\n\n<p>The airline stated that while some business and commercial contact data may have been accessed, no sensitive customer or financial information was compromised. The breach, linked to a broader Oracle E-Business Suite zero-day campaign, is part of an ongoing cyber threat targeting multiple organizations worldwide.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img fetchpriority=\"high\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/aviationa2z.com\/wp-content\/uploads\/2023\/06\/1280px-American_Eagle_Envoy_Embraer175_N279MQ-1024x576.jpg\" alt=\"American Airlines' Largest Regional Subsidiary Suffers Data Breach\" class=\"wp-image-36371\" srcset=\"https:\/\/aviationa2z.com\/wp-content\/uploads\/2023\/06\/1280px-American_Eagle_Envoy_Embraer175_N279MQ-1024x576.jpg 1024w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2023\/06\/1280px-American_Eagle_Envoy_Embraer175_N279MQ-600x338.jpg 600w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2023\/06\/1280px-American_Eagle_Envoy_Embraer175_N279MQ-300x169.jpg 300w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2023\/06\/1280px-American_Eagle_Envoy_Embraer175_N279MQ-768x432.jpg 768w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2023\/06\/1280px-American_Eagle_Envoy_Embraer175_N279MQ-750x422.jpg 750w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2023\/06\/1280px-American_Eagle_Envoy_Embraer175_N279MQ-1140x641.jpg 1140w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2023\/06\/1280px-American_Eagle_Envoy_Embraer175_N279MQ.jpg 1280w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Photo: By Aaron Davis &#8211; Gallery page http:\/\/www.instagram.com\/threshold.productions, CC BY-SA 4.0, https:\/\/commons.wikimedia.org\/w\/index.php?curid=92713161<\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-envoy-air-confirms-data-breach\">Envoy Air Confirms Data Breach<\/h2>\n\n\n\n<p>Envoy Air, operating regional flights under the <a href=\"https:\/\/aviationa2z.com\/index.php\/tag\/american-eagle\/\">American Eagle<\/a> brand, confirmed that its Oracle E-Business Suite application was affected by a data breach incident traced to the Clop extortion group.<\/p>\n\n\n\n<p>Following the discovery, the airline initiated an investigation, engaged law enforcement, and verified that no personal passenger data was impacted.<\/p>\n\n\n\n<p>The Clop group began leaking stolen data allegedly belonging to Envoy on its dark web platform, accusing the airline of neglecting cybersecurity concerns.<\/p>\n\n\n\n<p>This attack is part of a broader campaign exploiting vulnerabilities within Oracle systems, specifically a zero-day flaw tracked as CVE-2025-61882, which Oracle later confirmed had been used in active attacks before being patched.<\/p>\n\n\n\n<p>CrowdStrike and Mandiant cybersecurity researchers reported that Clop exploited these vulnerabilities in early August 2025 to deploy malware and steal information from multiple organizations.<\/p>\n\n\n\n<p>While the exact number of victims remains unknown, industry experts suggest dozens of companies have been affected globally.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"960\" height=\"720\" src=\"https:\/\/aviationa2z.com\/wp-content\/uploads\/2023\/06\/960px-American_Eagle_E170.jpg\" alt=\"American Airlines' Largest Regional Subsidiary Suffers Data Breach\" class=\"wp-image-37281\" srcset=\"https:\/\/aviationa2z.com\/wp-content\/uploads\/2023\/06\/960px-American_Eagle_E170.jpg 960w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2023\/06\/960px-American_Eagle_E170-600x450.jpg 600w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2023\/06\/960px-American_Eagle_E170-300x225.jpg 300w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2023\/06\/960px-American_Eagle_E170-768x576.jpg 768w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2023\/06\/960px-American_Eagle_E170-750x563.jpg 750w\" sizes=\"(max-width: 960px) 100vw, 960px\" \/><figcaption class=\"wp-element-caption\">Photo: By Halligan218 &#8211; Own work, CC BY-SA 4.0, https:\/\/commons.wikimedia.org\/w\/index.php?curid=114029130<\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-american-airlines-cyber-threats\">American Airlines Cyber Threats<\/h2>\n\n\n\n<p>Envoy Air, though operating independently, remains closely integrated into <a href=\"https:\/\/aviationa2z.com\/index.php\/tag\/american-airlines\/\">American Airlines\u2019<\/a> operational ecosystem for scheduling, ticketing, and customer management. This integration heightens potential cybersecurity exposure across shared systems.<\/p>\n\n\n\n<p>American Airlines, headquartered in Dallas\u2013Fort Worth International Airport (DFW), previously experienced breaches in 2022 and 2023, which exposed employee data.<\/p>\n\n\n\n<p>The latest incident adds to growing concerns about airline industry vulnerabilities, particularly those connected to third-party enterprise applications.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"1920\" height=\"973\" src=\"https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/04\/American_Eagle_CRJ-700_N709PS_at_Charlotte_2022_cropped.webp\" alt=\"\" class=\"wp-image-88822\" srcset=\"https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/04\/American_Eagle_CRJ-700_N709PS_at_Charlotte_2022_cropped.webp 1920w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/04\/American_Eagle_CRJ-700_N709PS_at_Charlotte_2022_cropped-300x152.webp 300w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/04\/American_Eagle_CRJ-700_N709PS_at_Charlotte_2022_cropped-1024x519.webp 1024w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/04\/American_Eagle_CRJ-700_N709PS_at_Charlotte_2022_cropped-768x389.webp 768w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/04\/American_Eagle_CRJ-700_N709PS_at_Charlotte_2022_cropped-50x25.webp 50w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/04\/American_Eagle_CRJ-700_N709PS_at_Charlotte_2022_cropped-1600x811.webp 1600w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/04\/American_Eagle_CRJ-700_N709PS_at_Charlotte_2022_cropped-1536x778.webp 1536w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/04\/American_Eagle_CRJ-700_N709PS_at_Charlotte_2022_cropped-150x76.webp 150w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/04\/American_Eagle_CRJ-700_N709PS_at_Charlotte_2022_cropped-450x228.webp 450w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/04\/American_Eagle_CRJ-700_N709PS_at_Charlotte_2022_cropped-1200x608.webp 1200w\" sizes=\"(max-width: 1920px) 100vw, 1920px\" \/><figcaption class=\"wp-element-caption\">Aircraft Involved in the DC Crash; Photo- Wikipedia <\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-clop-s-expanding-cyber-campaign\">Clop\u2019s Expanding Cyber Campaign<\/h2>\n\n\n\n<p>The Clop ransomware group, also tracked as TA505, Cl0p, and FIN11, has a history of exploiting critical vulnerabilities to exfiltrate corporate data.<\/p>\n\n\n\n<p>Since its emergence in 2019, Clop has evolved from deploying ransomware to large-scale data breach operations leveraging zero-day exploits.<\/p>\n\n\n\n<p>Major attacks attributed to Clop include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>2020<\/strong>: Accellion FTA zero-day attack, affecting nearly 100 organizations.<\/li>\n\n\n\n<li><strong>2021<\/strong>: SolarWinds Serv-U FTP software exploit.<\/li>\n\n\n\n<li><strong>2023<\/strong>: MOVEit Transfer zero-day breach, compromising data from over 2,700 organizations.<\/li>\n\n\n\n<li><strong>2024<\/strong>: Cleo file transfer platform vulnerabilities, impacting numerous firms.<\/li>\n<\/ul>\n\n\n\n<p>The US State Department currently offers a $10 million reward for information linking Clop\u2019s operations to a foreign government, underscoring the severity of its global impact.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1280\" height=\"720\" src=\"https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/10\/American_Eagle_Embraer_E175_Coming_in_For_a_Landing_50178347802-1280x720-1.webp\" alt=\"\" class=\"wp-image-116633\" srcset=\"https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/10\/American_Eagle_Embraer_E175_Coming_in_For_a_Landing_50178347802-1280x720-1.webp 1280w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/10\/American_Eagle_Embraer_E175_Coming_in_For_a_Landing_50178347802-1280x720-1-300x169.webp 300w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/10\/American_Eagle_Embraer_E175_Coming_in_For_a_Landing_50178347802-1280x720-1-1024x576.webp 1024w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/10\/American_Eagle_Embraer_E175_Coming_in_For_a_Landing_50178347802-1280x720-1-768x432.webp 768w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/10\/American_Eagle_Embraer_E175_Coming_in_For_a_Landing_50178347802-1280x720-1-50x28.webp 50w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/10\/American_Eagle_Embraer_E175_Coming_in_For_a_Landing_50178347802-1280x720-1-150x84.webp 150w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/10\/American_Eagle_Embraer_E175_Coming_in_For_a_Landing_50178347802-1280x720-1-450x253.webp 450w, https:\/\/aviationa2z.com\/wp-content\/uploads\/2025\/10\/American_Eagle_Embraer_E175_Coming_in_For_a_Landing_50178347802-1280x720-1-1200x675.webp 1200w\" sizes=\"(max-width: 1280px) 100vw, 1280px\" \/><figcaption class=\"wp-element-caption\">Photo: John Brighenti | Wikimedia Commons\nhttps:\/\/commons.wikimedia.org\/wiki\/File:American_Eagle_Embraer_E175_Coming_in_For_a_Landing_(50178347802).jpg<\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-ongoing-oracle-vulnerabilities\">Ongoing Oracle Vulnerabilities<\/h2>\n\n\n\n<p>Oracle later released patches for an additional zero-day flaw, CVE-2025-61884, without initially disclosing its active exploitation.<\/p>\n\n\n\n<p>The exploit, reportedly leaked by the Shiny Lapsus$ Hunters group, further exposes the challenges of securing enterprise platforms used across industries, including aviation.<\/p>\n\n\n\n<p>Cybersecurity experts recommend heightened vigilance, patch management, and data segmentation to mitigate risks stemming from such vulnerabilities. Airlines and logistics operators remain prime targets due to their reliance on integrated IT infrastructures.<\/p>\n\n\n\n<p>Stay tuned with us. Further, follow us on social media for the latest updates.<\/p>\n\n\n\n<p>Join us on\u00a0<a href=\"https:\/\/t.me\/s\/aviationa2z\" rel=\"nofollow\">Telegram Group\u00a0<\/a>for the Latest Aviation Updates. Subsequently, follow us on\u00a0<a href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMPLdrgsw_-jGAw?hl=en-IN&amp;gl=IN&amp;ceid=IN%3Aen\">Google News<\/a><\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-wp-embed is-provider-aviation-a-2-z wp-block-embed-aviation-a-2-z\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"wp-embedded-content\" data-secret=\"yIY15Ls5qB\"><a href=\"https:\/\/aviationa2z.com\/index.php\/2025\/10\/08\/air-france-lawsuit-in-new-york-amid-cyberattack\/\">Air France Faces Lawsuit in New York Amid Cyberattack, Why?<\/a><\/blockquote><iframe class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; visibility: hidden;\" title=\"&#8220;Air France Faces Lawsuit in New York Amid Cyberattack, Why?&#8221; &#8212; Aviation A2Z\" src=\"https:\/\/aviationa2z.com\/index.php\/2025\/10\/08\/air-france-lawsuit-in-new-york-amid-cyberattack\/embed\/#?secret=k9VirkTsoy#?secret=yIY15Ls5qB\" data-secret=\"yIY15Ls5qB\" width=\"600\" height=\"338\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe>\n<\/div><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Envoy Air (MQ), American Airlines&#8217; largest regional subsidiary, has confirmed a cybersecurity incident involving its Oracle E-Business Suite data after the Clop ransomware group listed American Airlines on its leak site.<\/p>\n","protected":false},"author":147,"featured_media":89610,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[6761,7308],"tags":[124,2580,11786,1887,9792,10079],"class_list":{"0":"post-117738","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-us-airlines-news","9":"tag-american-airlines","10":"tag-american-airlines-news","11":"tag-american-eagle","12":"tag-data-breach","13":"tag-envoy-air","14":"tag-envoy-air-news"},"_links":{"self":[{"href":"https:\/\/aviationa2z.com\/index.php\/wp-json\/wp\/v2\/posts\/117738","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aviationa2z.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aviationa2z.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aviationa2z.com\/index.php\/wp-json\/wp\/v2\/users\/147"}],"replies":[{"embeddable":true,"href":"https:\/\/aviationa2z.com\/index.php\/wp-json\/wp\/v2\/comments?post=117738"}],"version-history":[{"count":4,"href":"https:\/\/aviationa2z.com\/index.php\/wp-json\/wp\/v2\/posts\/117738\/revisions"}],"predecessor-version":[{"id":117783,"href":"https:\/\/aviationa2z.com\/index.php\/wp-json\/wp\/v2\/posts\/117738\/revisions\/117783"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aviationa2z.com\/index.php\/wp-json\/wp\/v2\/media\/89610"}],"wp:attachment":[{"href":"https:\/\/aviationa2z.com\/index.php\/wp-json\/wp\/v2\/media?parent=117738"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aviationa2z.com\/index.php\/wp-json\/wp\/v2\/categories?post=117738"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aviationa2z.com\/index.php\/wp-json\/wp\/v2\/tags?post=117738"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}