By AJ Vicens

Oct 17 (Reuters) - Envoy Air, American Airlines' ( AAL )

largest regional carrier, suffered a hack in recent days

as part of the wave of extortion attempts from hackers

exploiting Oracle E-Business Suite applications, the

company confirmed on Friday.

A spokesperson for the Irving, Texas-based company, which

operates more than 160 aircraft on 875 daily flights, said in an

email that it is aware of the incident, and that the company is

investigating and has contacted law enforcement.

"We have conducted a thorough review of the data at issue

and have confirmed no sensitive or customer data was affected,"

the spokesperson said. "A limited amount of business information

and commercial contact details may have been compromised."

The company is the second entity to confirm it was hacked

as a result of a campaign targeting Oracle E-Business Suite

applications claimed by "CL0P," a cybercriminal extortion group

with a history of wide-ranging compromises against third-party

software or service providers.

CL0P listed American Airlines ( AAL ) on its website as a victim

late on Thursday. The timing of the attack was not clear.

CL0P did not immediately respond to a request for comment

sent to an email address used by the group.

An American Airlines ( AAL ) spokesperson referred questions on the

hacking to Envoy Air.

Experts at Google, a unit of Alphabet, said on

October 9 that "mass amounts of customer data" were stolen in an

operation that may have begun as early as three months ago.

Harvard University confirmed it had been attacked in a similar

fashion earlier this week, according to cybersecurity news

outlet the Record.