More news on this day
SkyWest Airlines has launched a high-profile legal battle against two of its former pilots, accusing them of improperly accessing and harvesting sensitive employee data from an internal company portal in a case that blends cybersecurity concerns with a contentious push to unionize the carrier’s flight deck.
Details of the Lawsuit and Alleged Data Access
The civil complaint, filed on January 30, 2026, in the U.S. District Court for the District of Utah, names former SkyWest pilots Daniel Moussaron of Minnesota and Vikaas Krithivas of Illinois as defendants. The regional airline, which operates flights on behalf of major carriers including American Airlines, Delta Air Lines, United Airlines and Alaska Airlines, alleges that the pair violated federal and state law by accessing confidential personnel data through the company’s SkyWest Online portal.
According to the lawsuit, internal information technology logs show that beginning in late August 2025, Moussaron initiated a series of sessions on the portal that went beyond normal use. The airline contends he methodically stepped through the company’s pilot directory to retrieve personal contact details, including home addresses and mobile phone numbers, for hundreds of colleagues who had not consented to share that information for non-company purposes.
SkyWest alleges that Krithivas joined the effort in early September 2025 and, in a single day, downloaded thousands of pilot records containing similar personal data. The complaint claims the two former pilots effectively divided up the pilot list, resuming data extraction where the other left off until they had accessed information tied to nearly the entire pilot group.
The airline argues that these actions were not authorized under any company policy or job function and characterizes the conduct as a deliberate effort to exploit an internal system for purposes unrelated to SkyWest’s business operations.
Claims Under Cybercrime Law and Contract Violations
In court filings, SkyWest accuses the former pilots of violating the federal Computer Fraud and Abuse Act, a cornerstone statute used in many corporate hacking and unauthorized access cases. The company asserts that by pulling data beyond what was available in the standard user interface, the pilots exceeded their authorized access to company systems and caused damage and loss that will be quantified at trial.
Alongside the federal claim, the airline alleges breach of contract, pointing to confidentiality and non-disclosure provisions it says were part of the pilots’ employment agreements. Those provisions, according to the lawsuit, prohibit employees from misusing nonpublic information or disclosing it outside legitimate company purposes.
The complaint also asserts a civil conspiracy claim, arguing that Moussaron and Krithivas coordinated their actions to maximize the volume of data obtained. SkyWest contends that by sequentially mining records, handing off work between them, and continuing over several months, the pilots executed a plan that turned internal contact data into a large, privately controlled list.
SkyWest is seeking damages, legal fees and a jury trial, and is asking the court for relief that could include restrictions on the defendants’ ability to use or share any data they may have obtained from the company’s systems.
Union Organizing at the Heart of the Dispute
For their part, the former pilots do not dispute that they obtained broad contact information, but they frame the episode as part of a union organizing drive rather than a cybercrime scheme. In a motion and public statements summarized in legal filings, Moussaron says he began working with the Air Line Pilots Association in 2025 to organize SkyWest’s pilots, who are not currently represented by a traditional national union.
According to those filings, Moussaron contends that the SkyWest Online portal already allowed line pilots to see limited details about colleagues, such as names and base assignments, but that additional contact fields were visible when using standard browser developer tools. He argues that this amounted to reading data already exposed by the website, not bypassing passwords, exploiting a vulnerability or gaining administrator privileges.
Krithivas, in his own response, reportedly states that he agreed to help access the directory because he believed the sole purpose was to contact fellow pilots about unionization. The former pilots and their attorneys describe the case as fundamentally a labor dispute and have asked the court to view the alleged data access through that lens, rather than as hacking.
At least one of the defendants has moved to dismiss or limit the federal cybercrime claim, arguing that no technical barriers were broken and that using widely available developer tools should not be considered unauthorized access under the law. The court has yet to rule on those arguments, and the lawsuit remains at an early procedural stage.
Privacy Concerns for Thousands of SkyWest Employees
The lawsuit underscores the growing stakes around data privacy in the airline industry, where front-line workers often rely on internal portals for schedules, pay information and company bulletins. SkyWest estimates that almost 5,000 pilots had some portion of their personal information accessed, and the complaint links the alleged scraping of the directory to a wave of unsolicited messages pilots later received.
In late 2025, SkyWest pilots began reporting text messages and calls to personal cell phones promoting what the company characterizes as outside efforts unrelated to legitimate business. According to the complaint, at least one pilot told SkyWest that a caller claimed to have found a backdoor into the company directory, raising alarms inside the airline’s information security and human resources departments.
Although the contact campaign at issue appeared focused on organizing and outreach to pilots rather than financial fraud or identity theft, the scale of data involved has still triggered concern. For many employees, the episode serves as a reminder that even internal systems can expose sensitive details like home addresses when access controls and monitoring are not airtight.
Industry observers say the case will be closely watched by other carriers and unions, both for its legal implications under the Computer Fraud and Abuse Act and for what it signals about how aggressively airlines may respond when internal data is leveraged for labor organizing.
Implications for Travelers and the Regional Airline Landscape
For passengers, the lawsuit does not immediately affect day-to-day flying, and there is no indication that customer data was accessed or compromised. SkyWest’s claims focus on internal pilot records rather than traveler information, loyalty accounts or payment data, and flights continue to operate under the SkyWest name for its major airline partners.
However, the case arrives at a sensitive moment for regional aviation in North America. Regional carriers like SkyWest play a critical role in connecting smaller cities to major hubs, and they have faced ongoing pilot shortages, rising labor costs and increasing scrutiny over working conditions. How airlines manage employee data, respond to organizing activity and balance security with transparency has become a strategic issue that can influence recruiting, retention and operational reliability.
If the court ultimately backs SkyWest’s view that the conduct crossed a legal line, the case could set a precedent that discourages workers across the industry from using internal tools or directories to build contact lists for organizing campaigns. On the other hand, if judges accept the argument that using built-in browser functions is not unauthorized access, companies may face pressure to tighten technical safeguards and clarify policies to keep internal data truly restricted.
As the lawsuit moves forward in Utah, both advocates for stronger digital privacy and supporters of airline labor organizing are watching closely, aware that the outcome could reverberate well beyond SkyWest’s pilot group and influence how employee data is protected and policed throughout the aviation sector.