As a follow up to the note I sent you related to the direct deposit issue for 133 team members’ $1,000 tax reform-related payout, I’d like to update you on our investigation and steps we’re taking.

What happened?

Based on our current investigation, it appears that an unauthorized person was able to reset a small number of team member Jetnet passwords to gain access to certain team member ePays account information through Jetnet with the purpose of redirecting payroll direct deposits to a fraudulent bank account number. The reason these 133 team members received a paper check for the $1,000 payout was to ensure the unauthorized individual was not successful in redirecting funds.

To date, we have found no evidence of a compromise of American Airlines systems, and believe team member information, including information used to make password changes, was likely obtained outside of American’s systems through fraudulent means. American takes all security concerns seriously, and we are diligently investigating to identify the source of any team member information the malicious person may have used to gain access to team member account information.

What information was impacted?

American has found no evidence of access to any personally identifiable information such as social security numbers, passport numbers or credit card numbers. Although these team members’ names, bank account numbers and routing numbers were visible, American does not store bank account passwords, security or access codes to their bank accounts. As such, we do not believe this incident could result in any unauthorized access to impacted team member bank accounts.

What we’re doing.

Within twenty four hours of learning of this activity, American took a number of steps to protect its team members:

• We immediately suspended all ability to change direct deposit account information online, and provided a message to team members on how they can change their information through a Payroll Service Center representative.

• We issued the planned $1,000 payout to some team members via paper checks, rather than through direct deposit.

• We reset the Jetnet passwords for all potentially impacted team members.

• We are implementing additional verification steps for Jetnet password resets.

• We began an immediate investigation into the incident. We will continue to inform impacted team members and you of any pertinent developments.

What we’re doing for impacted team members.

• We notified affected team members of the issue within 24 hours of finding it.

• Our Payroll Service Center followed up by phone starting Monday to make sure these team members were aware of the direct deposit issue and to ensure we had the correct direct deposit information in our system.

• We are sending a communication to these team members today to let them know the result of our investigation and next steps they can take.

• As part of that, we are offering these team members complimentary credit monitoring through Experian.

As I mentioned above, we’ll continue to share pertinent updates with you and your affected members. If you have any questions, please let me know.

James B. Weel & Rob Jones, jr. MD – Labor Relations