Wheels Up Partners LLC Suffers Data Breach, Exposing PII of Over 5,700 Customers
Wheels Up Partners LLC, a major private aviation company, disclosed a data breach that compromised the personally identifiable information (PII) of 5,710 current and former customers, including 10 residents of Maine. The incident was detected on November 3, 2025, after an unauthorized actor accessed the company’s systems on October 20, 2025, and exfiltrated sensitive files.
An investigation, conducted with third-party cybersecurity experts, confirmed that the exposed data included names and Social Security numbers. The breach went undetected for nearly two weeks, raising concerns about the severity of the intrusion. While the company has not identified the responsible party, the attack involved unauthorized access and data theft from internal systems.
On December 9, 2025, Wheels Up notified affected individuals via mail and reported the breach to the Maine Attorney General’s office. In response, the company launched an internal review, engaged law enforcement, and offered one year of complimentary credit monitoring and identity restoration services through Epiq to impacted customers. A dedicated assistance line and mailing address were also established for further support.
Source: https://www.claimdepot.com/data-breach/wheels-up-2025
Wheels Up cybersecurity rating report: https://www.rankiteo.com/company/wheels-up
"id": "WHE1765383376",
"linkid": "wheels-up",
"type": "Breach",
"date": "10/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '5710',
'industry': 'Private Aviation',
'location': 'Chamblee, GA, USA',
'name': 'Wheels Up Partners LLC',
'type': 'Company'}],
'attack_vector': 'Unauthorized Access',
'customer_advisories': 'Affected individuals can contact the dedicated '
'assistance line at 855-403-1822 or write to Wheels Up '
'Partners LLC for support. One year of complimentary '
'credit monitoring and identity restoration assistance '
'is offered.',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '5710',
'personally_identifiable_information': 'Names, Social '
'Security numbers',
'sensitivity_of_data': 'High (names and Social Security '
'numbers)',
'type_of_data_compromised': 'Personally identifiable '
'information (PII)'},
'date_detected': '2025-11-03',
'date_publicly_disclosed': '2025-12-09',
'description': 'Wheels Up Partners LLC, a leading private aviation company, '
'experienced a significant data breach exposing personally '
'identifiable information (PII) of at least 5,710 current and '
'former customers, including 10 in Maine. The breach involved '
'unauthorized access and data exfiltration from internal '
'systems.',
'impact': {'brand_reputation_impact': 'Severe due to sensitive data exposure',
'data_compromised': 'Personally identifiable information (PII), '
'including names and Social Security numbers',
'identity_theft_risk': 'High',
'systems_affected': 'Information technology systems'},
'investigation_status': 'Completed',
'post_incident_analysis': {'corrective_actions': 'Engaged third-party '
'cybersecurity experts, '
'notified law enforcement, '
'offered credit monitoring '
'and identity restoration '
'assistance',
'root_causes': 'Unauthorized access to IT systems '
'and undetected data exfiltration '
'for several days'},
'recommendations': 'Monitor financial accounts and credit reports, place '
'fraud alerts or credit freezes, be cautious of '
'unsolicited communications',
'references': [{'source': "Maine Attorney General's office"}],
'regulatory_compliance': {'regulatory_notifications': 'Maine Attorney '
"General's office"},
'response': {'communication_strategy': 'Mailed notices to impacted '
'individuals and disclosed breach to '
"Maine Attorney General's office",
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Federal law enforcement agencies',
'third_party_assistance': 'Third-party cybersecurity '
'specialists'},
'title': 'Wheels Up Partners LLC Data Breach',
'type': 'Data Breach'}