USAPA alleges conspiracy at USAir?
04-01-2011, 05:49 AM
#1
Gets Weekends Off
Thread Starter
Joined APC: Jun 2008
Posts: 155
USAPA alleges conspiracy at USAir?
Was told the FBI has been notified that some former American West pilots gained access to company personal East pilot information from the company and big poo-poo is going to fly over there. Sounds serious.
04-01-2011, 06:18 AM
#2
Gets Weekends Off
Thread Starter
Joined APC: Jun 2008
Posts: 155
This was just sent to me.
November 30, 2010
John S. Pistole
Administrator
Transportation Security Administration
601 S. 12th St.
Arlington, VA 20598
Nathan Thomas Gray
Special Agent in Charge
Federal Bureau of Investigation
201 East Indianola Avenue
Phoenix, AZ 85012
William C. Withycombe
Western-Pacific Regional Administrator
Federal Aviation Administration
15000 Aviation Blvd
Hawthorne, CA 90250
Matter: Unauthorized Access of Confidential Pilot Information at US Airways Inc.
Dear Sirs:
On behalf of the US Airline Pilots Association, I write to advise federal authorities of an apparent recent unauthorized access to computerized records of thousands of commercial airline pilots employed by US Airways, Inc. These sensitive electronic records were taken from corporate computers, and confidential information such as individual pilot passport numbers and home addresses were disclosed to unknown perpetrators. We believe the unauthorized access to this confidential information may pose a direct threat to national security, our represented pilots' safety, and their professional standing.
Background and Access of Confidential Pilot Information
The US Airline Pilots Association (USAPA) is a federally certified labor representative headquartered in Charlotte, North Carolina that represents approximately 5,000 commercial airline pilots at US Airways, Inc. US Airways, Inc. (Company) is a major domestic and international air carrier headquartered in Tempe, Arizona.
In late October of this year, thousands of USAPA-represented pilots received an unsolicited mass mailing at their individual residential addresses. The individuals addressed were pre-merger US Airways pilots, generally referred to as "East pilots" to distinguish them from the former America West pilots, termed "West pilots." The two carriers merged in 2005.
The mailings had a return address for a private limited liability corporation headquartered in Tempe, Arizona. The return address on the mailer was:
Leonidas, LLC
P.O. Box 3362
Tempe, AZ 86280
Leonidas, LLC has sponsored or funded litigation allegedly on behalf of West pilots, against both the Company and USAPA stemming from an internal union dispute over seniority terms to be incorporated in a union contract currently under negotiation. The litigation remains ongoing in the federal courts at this time.
USAPA has never voluntarily disclosed its mailing lists or databases containing pilot residential addresses, or any other confidential information. In addition, the Company reports it has not voluntarily disclosed lists or databases containing pilot residential addresses, or any other confidential information. Nevertheless, as discussed further below, we conclude that the evidence suggests that the mailing information was obtained from the Company's computer databases, which also include such confidential information as pilot passport numbers.
Union and Company Response
In the immediate aftermath of the unsolicited mailing, many affected pilots expressed deep concern that confidential information personal to them had been breached. USAPA began an investigation that included eliminating the possibility of an internal breach within the Union.
A sampling of addresses targeted by the mass mailing consistently failed to match the address database maintained by USAPA. However, that sampling did consistently match a corporate database referred to as "CAT crew," which is used to schedule East pilots for flight duty (West pilots use a different database). While USAPA representatives on the Scheduling Committee do have limited access to the CAT crew database, full access to the database is supposed to be limited to US Airways' management personnel.
USAPA then contacted the Company for assistance, beginning with a brief presentation by the undersigned to the labor committee of the corporate Board of Directors concerning the apparent security breach. USAPA subsequently supplied documentary evidence to assist the Company's investigation, which led to the conclusion -- shared by USAPA and US Airways -- that the CAT crew database was the most likely source of the mailing. The Company confirmed that unrestricted access to the CAT crew database would also indicate unrestricted access to pilot passport information stored therein.
After reaching these preliminary conclusions, however, US Airways has not provided USAPA with further information concerning the persons responsible for the security breach, but has indicated that the Company has not contacted the appropriate federal agencies. USAPA has determined that it is in the interest of its pilot-members and national security to provide the FBI and FAA with the information currently in its possession.
Evidence and Findings
Reliable evidence confirms or supports the following findings of fact:
1) That addresses and associated names of resident East pilots were obtained and used in a mass mailing by Leonidas, LLC, which was sent in late October 2010.
2) That the US Airways, Inc. "CAT crew" database, used for scheduling "East" operation pilots, was accessed without authorization sometime prior to that mailing. A comparison of mailings to addresses and names unique to the CAT crew database constitutes compelling evidence that the Company's CAT crew database was breached and is the source. This became apparent when it was discovered that pilot nicknames, which are maintained only in the Company's crew scheduling database, were utilized by Leonidas, LLC for its unsolicited mailing. Sample comparisons between the Leonidas, LLC mailing and the Company's crew scheduling database, which demonstrate this correlation, are attached as Exhibits A-D. (In addition, the Company's designated representative has reported to USAPA's attorneys that no other source is apparent and its investigation is also focused on the CAT crew database).
3) That the scope of the aforesaid unauthorized access encompasses access to the computerized records of thousands of individual pilots.
4) That the scope of the breached CAT crew database includes commercial airline pilot passport numbers as well as US Airways specific employee numbers. (The Company, through its designated representative, confirmed this to USAPA attorneys on Nov. 18, 2010, in Tempe, Arizona). The cross referencing of employee identification and passport information is one of the foundational elements of the CASS flight deck security system utilized by the major airlines in our country.
5) That corporate agents of Leonidas, LLC have refused to identify the source of addresses used in their mass mailing, either to USAPA or the Company.
Conclusions
From the above findings, we conclude the following:
Sincerely,
Capt. Michael Cleary, President
Cc: Doug Parker, CEO US Airways
November 30, 2010
John S. Pistole
Administrator
Transportation Security Administration
601 S. 12th St.
Arlington, VA 20598
Nathan Thomas Gray
Special Agent in Charge
Federal Bureau of Investigation
201 East Indianola Avenue
Phoenix, AZ 85012
William C. Withycombe
Western-Pacific Regional Administrator
Federal Aviation Administration
15000 Aviation Blvd
Hawthorne, CA 90250
Matter: Unauthorized Access of Confidential Pilot Information at US Airways Inc.
Dear Sirs:
On behalf of the US Airline Pilots Association, I write to advise federal authorities of an apparent recent unauthorized access to computerized records of thousands of commercial airline pilots employed by US Airways, Inc. These sensitive electronic records were taken from corporate computers, and confidential information such as individual pilot passport numbers and home addresses were disclosed to unknown perpetrators. We believe the unauthorized access to this confidential information may pose a direct threat to national security, our represented pilots' safety, and their professional standing.
Background and Access of Confidential Pilot Information
The US Airline Pilots Association (USAPA) is a federally certified labor representative headquartered in Charlotte, North Carolina that represents approximately 5,000 commercial airline pilots at US Airways, Inc. US Airways, Inc. (Company) is a major domestic and international air carrier headquartered in Tempe, Arizona.
In late October of this year, thousands of USAPA-represented pilots received an unsolicited mass mailing at their individual residential addresses. The individuals addressed were pre-merger US Airways pilots, generally referred to as "East pilots" to distinguish them from the former America West pilots, termed "West pilots." The two carriers merged in 2005.
The mailings had a return address for a private limited liability corporation headquartered in Tempe, Arizona. The return address on the mailer was:
Leonidas, LLC
P.O. Box 3362
Tempe, AZ 86280
Leonidas, LLC has sponsored or funded litigation allegedly on behalf of West pilots, against both the Company and USAPA stemming from an internal union dispute over seniority terms to be incorporated in a union contract currently under negotiation. The litigation remains ongoing in the federal courts at this time.
USAPA has never voluntarily disclosed its mailing lists or databases containing pilot residential addresses, or any other confidential information. In addition, the Company reports it has not voluntarily disclosed lists or databases containing pilot residential addresses, or any other confidential information. Nevertheless, as discussed further below, we conclude that the evidence suggests that the mailing information was obtained from the Company's computer databases, which also include such confidential information as pilot passport numbers.
Union and Company Response
In the immediate aftermath of the unsolicited mailing, many affected pilots expressed deep concern that confidential information personal to them had been breached. USAPA began an investigation that included eliminating the possibility of an internal breach within the Union.
A sampling of addresses targeted by the mass mailing consistently failed to match the address database maintained by USAPA. However, that sampling did consistently match a corporate database referred to as "CAT crew," which is used to schedule East pilots for flight duty (West pilots use a different database). While USAPA representatives on the Scheduling Committee do have limited access to the CAT crew database, full access to the database is supposed to be limited to US Airways' management personnel.
USAPA then contacted the Company for assistance, beginning with a brief presentation by the undersigned to the labor committee of the corporate Board of Directors concerning the apparent security breach. USAPA subsequently supplied documentary evidence to assist the Company's investigation, which led to the conclusion -- shared by USAPA and US Airways -- that the CAT crew database was the most likely source of the mailing. The Company confirmed that unrestricted access to the CAT crew database would also indicate unrestricted access to pilot passport information stored therein.
After reaching these preliminary conclusions, however, US Airways has not provided USAPA with further information concerning the persons responsible for the security breach, but has indicated that the Company has not contacted the appropriate federal agencies. USAPA has determined that it is in the interest of its pilot-members and national security to provide the FBI and FAA with the information currently in its possession.
Evidence and Findings
Reliable evidence confirms or supports the following findings of fact:
1) That addresses and associated names of resident East pilots were obtained and used in a mass mailing by Leonidas, LLC, which was sent in late October 2010.
2) That the US Airways, Inc. "CAT crew" database, used for scheduling "East" operation pilots, was accessed without authorization sometime prior to that mailing. A comparison of mailings to addresses and names unique to the CAT crew database constitutes compelling evidence that the Company's CAT crew database was breached and is the source. This became apparent when it was discovered that pilot nicknames, which are maintained only in the Company's crew scheduling database, were utilized by Leonidas, LLC for its unsolicited mailing. Sample comparisons between the Leonidas, LLC mailing and the Company's crew scheduling database, which demonstrate this correlation, are attached as Exhibits A-D. (In addition, the Company's designated representative has reported to USAPA's attorneys that no other source is apparent and its investigation is also focused on the CAT crew database).
3) That the scope of the aforesaid unauthorized access encompasses access to the computerized records of thousands of individual pilots.
4) That the scope of the breached CAT crew database includes commercial airline pilot passport numbers as well as US Airways specific employee numbers. (The Company, through its designated representative, confirmed this to USAPA attorneys on Nov. 18, 2010, in Tempe, Arizona). The cross referencing of employee identification and passport information is one of the foundational elements of the CASS flight deck security system utilized by the major airlines in our country.
5) That corporate agents of Leonidas, LLC have refused to identify the source of addresses used in their mass mailing, either to USAPA or the Company.
Conclusions
From the above findings, we conclude the following:
- There was an unauthorized access from a "protected computer" within the meaning of the Counterfeit Access Device and Computer Fraud and Abuse Act 18 U.S.C. § 1030(e)(2)(b).
- The exact scope of the breach is unknown, but unauthorized access to airline pilot passport numbers coupled with pilot residential addresses could potentially be used to forge U.S. commercial airline pilot passports, or identities, in order to gain access to international or domestic commercial aircraft or flights -- thereby posing a direct threat to our nation's security.
- Electronically Stored Information controlled by US Airways, and possibly by third parties, may indicate the time, place and manner of the breach.
Sincerely,
Capt. Michael Cleary, President
Cc: Doug Parker, CEO US Airways
04-01-2011, 08:37 AM
#4
Gets Weekends Off
Joined APC: Jan 2007
Position: Self employed
Posts: 3,048
Moved to Union thread. These are accusations by a Labor Union to the government 6 months ago. No FBI involvement is apparent, unless you have other sources.
There is no finding by a government entity of either an investigation, or even statement of facts.
Mud slinging.
There is no finding by a government entity of either an investigation, or even statement of facts.
Mud slinging.
04-02-2011, 08:17 AM
#5
New Hire
Joined APC: Mar 2011
Posts: 7
The FBI is involved. This is a very serious crime they have committed. We have personally retained an attorney and will be sueing each individual Leonidas member who was involved in the theft of our identity, and Assistant Chief Pilot who gave or sold (not clear yet) this information to this Leonidas group.
This is not mud slinging and should not be minimized as the Leonidas group is doing. This group has now personally effected my family, their safety and security, possibily for the rest of our lives....
This is not mud slinging and should not be minimized as the Leonidas group is doing. This group has now personally effected my family, their safety and security, possibily for the rest of our lives....
04-02-2011, 08:22 AM
#6
Gets Weekends Off
Joined APC: Jan 2007
Position: Self employed
Posts: 3,048
Originally Posted by beka4u
The FBI is involved. This is a very serious crime they have committed. We have personally retained an attorney and will be sueing....
So, you have a news blurb of the FBI investigation? Or does that mean you (or somebody, like USAPA) made a report TO the FBI?
04-03-2011, 06:40 AM
#8
Gets Weekends Off
Joined APC: Jan 2008
Posts: 1,201
Irony... your use of the word integrity considering what happened with the integrated seniority list, and the binding arbitration that you guys have decided not to follow...
but hey, whatever... who is really counting?
but hey, whatever... who is really counting?
04-07-2011, 04:13 AM
#9
New Hire
Joined APC: Mar 2011
Posts: 7
Everything in an airline pilot's career is based on seniority. The definition of SENIORITY....status obtained as the result of a person's length of service. Seniority as you should know is everything! It dictates what equipment you fly, from what domicile and in what seat. Seniority determines when you fly, whether or not you're going to get weekends off, or if you are going to be home for Christmas, Thanksgiving, or your kids birthday. Let's see, didn't America West start up in the early 80's?
Besides this issue is over. DATE OF HIRE
If this was so binding why did ALPA testify in court at the MDA suit that the NIC was only a proposal? It's over...if you do not like it maybe you should consider going back to flight instructing....just a thought.
Besides this issue is over. DATE OF HIRE
If this was so binding why did ALPA testify in court at the MDA suit that the NIC was only a proposal? It's over...if you do not like it maybe you should consider going back to flight instructing....just a thought.
Thread
Thread Starter
Forum
Replies
Last Post
