American Airlines sues Joomla and CloudAccess over scam site obtaining customer data

American Airlines logo
The scam site is still operating. Photo credit: Getty Images

American Airlines has sued website publishing system Joomla and host CloudAccess in Manhattan' federal court on Sunday local time, for allegedly allowing a counterfeit website to steal user credentials for the airline's site.

Unknown parties misused American's trademarks and copyrights to trick consumers into believing was the real website for the airline's cargo services, and Joomla and CloudAccess never responded after American told them about it, according to the complaint.

American declined to comment. American's attorney Daniel Filor of Greenberg Traurig didn't immediately respond to a request for comment, nor did CloudAccess or Joomla's owner Open Source Matters Inc.

Fake American Airlines website.
The website has reportedly been gathering customer data from legitimate American Airlines customers. Photo credit: Joomla

The complaint said that Joomla provides free software for creating and launching websites hosted on CloudAccess' platform. According to American, Joomla allowed a user to create the fake American website without verifying whether the person was affiliated with the company, and Joomla "would have quickly realised that the person creating the account was not affiliated with American" if it had "made any effort to do so."

The airline said the Joomla site collects usernames, passwords, and email addresses from consumers who think they are signing into an account to track American cargo shipments, which can be sold to hackers or used to access their American accounts and others with similar login credentials.

American said it told Joomla and CloudAccess about the fake site as early as last December, but they never responded. The website is still active.