service and result in our customers purchasing tickets from other airlines. We have implemented security measures and change control procedures and have disaster recovery plans. We also require
our third party providers to have disaster recovery plans; however, we cannot assure you these measures are adequate to prevent disruptions, which, if they were to occur, could result in the loss of important data, increase our expenses, decrease
our revenues, and generally harm our business, reputation, and brand.
We may be impacted by increases in airport expenses relating
to infrastructure and facilities.
In order to operate within our current markets as well as continue to grow in new markets, we
must be able to obtain adequate infrastructure and facilities within the airports we serve. This includes gates, check- in facilities, operations facilities, and landing slots, where applicable. The costs associated with these airports are often
negotiated on a short-term basis with the airport authority and we could be subject to increases in costs on a regular basis with or without our approval.
In addition, our operations concentrated in older airports may be harmed if the infrastructure at those older airports fails to operate as
expected due to age, overuse, or significant unexpected weather events.
Our reputation and business may be harmed and we may be
subject to legal claims if there is loss, unlawful disclosure or misappropriation of, or unsanctioned access to, our customers, crewmembers, business partners or our own information or other breaches of our information security.
In the current environment, there are numerous and evolving risks to cybersecurity and privacy, including criminal hackers,
hacktivists, state-sponsored intrusions, industrial espionage, employee malfeasance, and human or technological error. High-profile security breaches at other companies and in government agencies have increased in recent years, and security industry
experts and government officials have warned about the risks of hackers and cyberattacks targeting businesses such as ours. Computer hackers routinely attempt to breach our networks. When the Company learns of security incidents, we investigate the
incident, which includes making reports to law enforcement, as appropriate.
We also are aware that hackers may attempt to fraudulently
induce crewmembers, customers, or others to disclose information or unwittingly provide access to systems or data. We make extensive use of online services and centralized data processing, including through third party service providers or business
providers. The secure maintenance and transmission of customer and crewmember information is a critical element of our operations. Our information technology and other systems and those of service providers or business partners, that maintain and
transmit customer information, may be compromised by a malicious third party penetration of our network security, or of a business partner, or impacted by deliberate or inadvertent actions or inactions by our crewmembers, or those of a business
partner. The risk of cyberattacks to our Company also includes attempted breaches of contractors, business partners, vendors, and other third parties. As a result, personal information may be lost, disclosed, accessed, or taken without consent. We
transmit confidential credit card information by way of secure private retail networks and rely on encryption and authentication technology licensed from third parties to provide the security and authentication necessary to effect secure
transmission and storage of confidential information.
While the Company makes significant efforts to ensure the security of its computer
network, we cannot provide any assurances that our efforts will defend against all cyberattacks. Any compromises to our security or computer network could have a material adverse effect on the reputation, business, operating results, and financial
condition of the Company, and could result in a loss of customers. Additionally, any material failure by the Company to achieve or maintain compliance with the Payment Card Industry, or PCI, security requirements or rectify a security issue may
result in fines and the imposition of restrictions on the Companys ability to accept credit cards as a form of payment. Any such loss, disclosure or misappropriation of, or access to, customers, crewmembers or business
partners information or other breach of our information security can result in legal claims or legal proceedings, including regulatory investigations and actions, may have a negative impact on our
S-31