Personal information for more than 8,000 applicants to become pilots at American Airlines and Southwest Airlines was stolen when hackers broke into a database maintained by a recruiting company.
The breach at Austin, Texas-based Pilot Credentials occurred April 30, and the airlines learned about it on May 3. They notified affected job seekers last week.
According to letters that the airlines were required to file with regulators in Maine, hackers gained access to names, birth dates, Social Security and passport numbers, and driver and pilot-license numbers of applicants for pilot and cadet jobs.
According to filings, 5,745 applicants to American and 3,009 at Southwest were affected, many of whom were hired by the airlines.
The Allied Pilots Association, which represents pilots at American, said 2,200 of its members were affected by the breach. Spokesman Dennis Tajer said the union is upset that American knew about the breach for more than seven weeks before it notified victims.
American said it had no evidence that the information was used for fraud or identity theft, but it offered each applicant two years of coverage from a service designed to protect people from identity theft.
The airlines said that since the breach, they have run their recruitment work through websites that they run instead of relying on another company.
Fort Worth-based American and Dallas-based Southwest say they are working with a law enforcement investigation.