https://www.bleepingcomputer.com/news/security/american-airlines-learned-it-was-breached-from-phishing-targets/

American Airlines says its Cyber Security Response Team (CIRT) found out about a recently disclosed data breach from the targets of a phishing campaign that was using an employee's hacked Microsoft 365 account.

As the airline said in filings with the Office of the New Hampshire Attorney General, after receiving these phishing reports, American's CIRT discovered unauthorized activity in the company's Microsoft 365 environment.