service and result in our customers purchasing tickets from other airlines. We have implemented security measures and change control procedures and have disaster recovery plans. We also require
our third party providers to have disaster recovery plans; however, we cannot assure you these measures are adequate to prevent disruptions, which, if they were to occur, could result in the loss of important data, increase our expenses, decrease
our revenues, and generally harm our business, reputation, and brand.
We may be impacted by increases
in airport expenses relating to infrastructure and facilities.
In order to operate within our current
markets as well as continue to grow in new markets, we must be able to obtain adequate infrastructure and facilities within the airports we serve. This includes gates, check- in facilities, operations facilities, and landing slots, where applicable.
The costs associated with these airports are often negotiated on a short-term basis with the airport authority and we could be subject to increases in costs on a regular basis with or without our approval.
In addition, our operations concentrated in older airports may be harmed if the infrastructure at those older airports
fails to operate as expected due to age, overuse, or significant unexpected weather events.
Our
reputation and business may be harmed and we may be subject to legal claims if there is loss, unlawful disclosure or misappropriation of, or unsanctioned access to, our customers, crewmembers, business partners or our own
information or other breaches of our information security.
In the current environment, there are
numerous and evolving risks to cybersecurity and privacy, including criminal hackers, hacktivists, state-sponsored intrusions, industrial espionage, employee malfeasance, and human or technological error. High-profile security breaches at other
companies and in government agencies have increased in recent years, and security industry experts and government officials have warned about the risks of hackers and cyberattacks targeting businesses such as ours. Computer hackers routinely attempt
to breach our networks. When the Company learns of security incidents, we investigate the incident, which includes making reports to law enforcement, as appropriate.
We also are aware that hackers may attempt to fraudulently induce crewmembers, customers, or others to disclose
information or unwittingly provide access to systems or data. We make extensive use of online services and centralized data processing, including through third party service providers or business providers. The secure maintenance and transmission of
customer and crewmember information is a critical element of our operations. Our information technology and other systems and those of service providers or business partners, that maintain and transmit customer information, may be compromised by a
malicious third party penetration of our network security, or of a business partner, or impacted by deliberate or inadvertent actions or inactions by our crewmembers, or those of a business partner. The risk of cyberattacks to our Company also
includes attempted breaches of contractors, business partners, vendors, and other third parties. As a result, personal information may be lost, disclosed, accessed, or taken without consent. We transmit confidential credit card information by way of
secure private retail networks and rely on encryption and authentication technology licensed from third parties to provide the security and authentication necessary to effect secure transmission and storage of confidential information.
While the Company makes significant efforts to ensure the security of its computer network, we cannot provide any
assurances that our efforts will defend against all cyberattacks. Any compromises to our security or computer network could have a material adverse effect on the reputation, business, operating results, and financial condition of the Company, and
could result in a loss of customers. Additionally, any material failure by the Company to achieve or maintain compliance with the Payment Card Industry, or PCI, security requirements or rectify a security issue may result in fines and the imposition
of restrictions on the Companys ability to accept credit cards as a form of payment. Any such loss, disclosure or misappropriation of, or access to, customers, crewmembers or business partners information or other breach of
our information security can result in legal claims or legal proceedings, including regulatory investigations and actions, may have a negative impact on our
S-31