Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] Risk Assessment and Management
The Company is increasingly dependent on the use of complex technology and systems to run its operations and support its strategic objectives. These technologies and systems include, among others, the Company's website and reservation system; mobile application; flight dispatch and tracking systems; flight simulators; check-in kiosks; aircraft maintenance, planning, and record keeping systems; telecommunications systems; flight planning and scheduling systems; crew scheduling systems; human resources systems; and financial planning, management, and accounting systems. Additionally, the Company must receive and process certain confidential or personal information related to its Customers and Employees to run its business, and the Company's operations depend upon secure collection, processing, retention, and transmission of such information. Therefore, the performance, reliability, and security of the Company's technology infrastructure and information systems are critical to the Company's operations and initiatives.

The Company has an enterprise risk management (“ERM”) program to identify, evaluate, and manage risks. Cybersecurity risks are evaluated alongside other critical business risks under the ERM program to align cybersecurity efforts with the Company's broader business goals and objectives. The Company believes that integrating cybersecurity risks into its ERM program fosters a proactive and holistic approach to cybersecurity, which helps safeguard the Company’s operations, financial condition, and reputation in an ever-evolving threat landscape.

The Company maintains a cybersecurity program that is designed to identify, protect from, detect, respond to, and recover from cybersecurity threats and risks, and protect the confidentiality, integrity, and availability of its information systems, including the information residing on such systems. The National Institute of Standards and Technology Cybersecurity Framework helps the Company inform its cybersecurity agenda and prioritize its cybersecurity activities. The Company takes a risk-based, threat-informed approach to cybersecurity, which begins with the identification and evaluation of cybersecurity risks or threats that could affect the Company’s operations, finances, legal or regulatory compliance, or reputation. Once identified, cybersecurity risks and related mitigation efforts are evaluated and prioritized based on their potential impact, likelihood, velocity, and vulnerability, considering both quantitative and qualitative factors. Risk mitigation strategies are developed and implemented based on the specific nature of each cybersecurity risk or threat. These strategies include, among others, the application of cybersecurity policies and procedures, implementation of administrative, technical, and physical controls, and Employee training, education, and awareness initiatives. The Company’s cybersecurity program also includes a Security Operations Center (“SOC”) that conducts ongoing monitoring of networks and systems for potential signs of suspicious activity. The SOC is a centralized function that monitors security alerts to initiate triage, verification, and remediation activities. Additionally, the Company’s cybersecurity program provides mechanisms for Employees to report any unusual or potentially malicious activity they observe. The Company tracks key performance indicators and cybersecurity metrics to evaluate the efficacy of its cybersecurity controls and practices. 
Further, the Company’s cybersecurity program is periodically reviewed by its Chief Information Officer ("CIO") and Chief Information Security Officer ("CISO" and, together with the CIO, the Company’s “Cybersecurity Leaders”) and adjusted in an effort to maintain the program’s agility and responsiveness as circumstances evolve, new cybersecurity threats emerge, and regulations change.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
The Company has an enterprise risk management (“ERM”) program to identify, evaluate, and manage risks. Cybersecurity risks are evaluated alongside other critical business risks under the ERM program to align cybersecurity efforts with the Company's broader business goals and objectives. The Company believes that integrating cybersecurity risks into its ERM program fosters a proactive and holistic approach to cybersecurity, which helps safeguard the Company’s operations, financial condition, and reputation in an ever-evolving threat landscape.

The Company maintains a cybersecurity program that is designed to identify, protect from, detect, respond to, and recover from cybersecurity threats and risks, and protect the confidentiality, integrity, and availability of its information systems, including the information residing on such systems. The National Institute of Standards and Technology Cybersecurity Framework helps the Company inform its cybersecurity agenda and prioritize its cybersecurity activities. The Company takes a risk-based, threat-informed approach to cybersecurity, which begins with the identification and evaluation of cybersecurity risks or threats that could affect the Company’s operations, finances, legal or regulatory compliance, or reputation. Once identified, cybersecurity risks and related mitigation efforts are evaluated and prioritized based on their potential impact, likelihood, velocity, and vulnerability, considering both quantitative and qualitative factors. Risk mitigation strategies are developed and implemented based on the specific nature of each cybersecurity risk or threat. These strategies include, among others, the application of cybersecurity policies and procedures, implementation of administrative, technical, and physical controls, and Employee training, education, and awareness initiatives. The Company’s cybersecurity program also includes a Security Operations Center (“SOC”) that conducts ongoing monitoring of networks and systems for potential signs of suspicious activity. The SOC is a centralized function that monitors security alerts to initiate triage, verification, and remediation activities. Additionally, the Company’s cybersecurity program provides mechanisms for Employees to report any unusual or potentially malicious activity they observe. The Company tracks key performance indicators and cybersecurity metrics to evaluate the efficacy of its cybersecurity controls and practices. 
Further, the Company’s cybersecurity program is periodically reviewed by its Chief Information Officer ("CIO") and Chief Information Security Officer ("CISO" and, together with the CIO, the Company’s “Cybersecurity Leaders”) and adjusted in an effort to maintain the program’s agility and responsiveness as circumstances evolve, new cybersecurity threats emerge, and regulations change.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block] Board Oversight
The Board is responsible for overseeing management’s assessments of major risks facing the Company and for reviewing options to mitigate such risks. The Board’s oversight of major risks, including cybersecurity risks, occurs at both the full Board level and at the Board committee level through the Audit Committee.

The Board. The Chief Executive Officer, the Chief Operating Officer, the Chief Financial Officer, members of senior management, and other personnel and advisors, as requested by the Board, report on the Company’s financial, operating, and commercial strategies, as well as major related risks, which may include cybersecurity risks, at regularly scheduled meetings of the Board. Based on these reports, the Board may request follow-up information and presentations to address any specific concerns and recommendations. Additionally, the Audit Committee has opportunities to report regularly to the entire Board and review with the Board any major issues that arise at the committee level, which may include cybersecurity risks.

The Audit Committee. The Audit Committee reviews with management the Company’s technology and cybersecurity frameworks, policies, programs, opportunities, and risk profile as needed at its regularly scheduled meetings. The Company’s CIO, CISO, members of the cybersecurity team, or other advisors, as requested by the Audit Committee, report quarterly on the Company’s technology, data protection, and cybersecurity strategies and risks. Cybersecurity topics are presented to the Audit Committee on a quarterly basis and generally highlight any significant cybersecurity incidents, the cyber threat landscape, cybersecurity program enhancements, cybersecurity risks and related mitigation activities, and any other relevant cybersecurity topics. Management believes that this regular cadence of reporting helps to provide the Audit Committee with an informed understanding of the Company’s dynamic cybersecurity program and threat landscape. As needed, the Audit Committee reviews with management the Company’s business continuity and disaster recovery plans and capabilities and the effectiveness of the Company’s escalation procedures. Based on these management reports, the Audit Committee may request follow-up information and presentations to address any specific concerns and recommendations. In addition to this regular reporting, cybersecurity risks or threats may also be escalated on an as-needed basis to the Audit Committee.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
The Board. The Chief Executive Officer, the Chief Operating Officer, the Chief Financial Officer, members of senior management, and other personnel and advisors, as requested by the Board, report on the Company’s financial, operating, and commercial strategies, as well as major related risks, which may include cybersecurity risks, at regularly scheduled meetings of the Board. Based on these reports, the Board may request follow-up information and presentations to address any specific concerns and recommendations. Additionally, the Audit Committee has opportunities to report regularly to the entire Board and review with the Board any major issues that arise at the committee level, which may include cybersecurity risks.

The Audit Committee. The Audit Committee reviews with management the Company’s technology and cybersecurity frameworks, policies, programs, opportunities, and risk profile as needed at its regularly scheduled meetings. The Company’s CIO, CISO, members of the cybersecurity team, or other advisors, as requested by the Audit Committee, report quarterly on the Company’s technology, data protection, and cybersecurity strategies and risks. Cybersecurity topics are presented to the Audit Committee on a quarterly basis and generally highlight any significant cybersecurity incidents, the cyber threat landscape, cybersecurity program enhancements, cybersecurity risks and related mitigation activities, and any other relevant cybersecurity topics. Management believes that this regular cadence of reporting helps to provide the Audit Committee with an informed understanding of the Company’s dynamic cybersecurity program and threat landscape. As needed, the Audit Committee reviews with management the Company’s business continuity and disaster recovery plans and capabilities and the effectiveness of the Company’s escalation procedures. Based on these management reports, the Audit Committee may request follow-up information and presentations to address any specific concerns and recommendations. In addition to this regular reporting, cybersecurity risks or threats may also be escalated on an as-needed basis to the Audit Committee.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
The Board. The Chief Executive Officer, the Chief Operating Officer, the Chief Financial Officer, members of senior management, and other personnel and advisors, as requested by the Board, report on the Company’s financial, operating, and commercial strategies, as well as major related risks, which may include cybersecurity risks, at regularly scheduled meetings of the Board. Based on these reports, the Board may request follow-up information and presentations to address any specific concerns and recommendations. Additionally, the Audit Committee has opportunities to report regularly to the entire Board and review with the Board any major issues that arise at the committee level, which may include cybersecurity risks.

The Audit Committee. The Audit Committee reviews with management the Company’s technology and cybersecurity frameworks, policies, programs, opportunities, and risk profile as needed at its regularly scheduled meetings. The Company’s CIO, CISO, members of the cybersecurity team, or other advisors, as requested by the Audit Committee, report quarterly on the Company’s technology, data protection, and cybersecurity strategies and risks. Cybersecurity topics are presented to the Audit Committee on a quarterly basis and generally highlight any significant cybersecurity incidents, the cyber threat landscape, cybersecurity program enhancements, cybersecurity risks and related mitigation activities, and any other relevant cybersecurity topics. Management believes that this regular cadence of reporting helps to provide the Audit Committee with an informed understanding of the Company’s dynamic cybersecurity program and threat landscape. As needed, the Audit Committee reviews with management the Company’s business continuity and disaster recovery plans and capabilities and the effectiveness of the Company’s escalation procedures. Based on these management reports, the Audit Committee may request follow-up information and presentations to address any specific concerns and recommendations. In addition to this regular reporting, cybersecurity risks or threats may also be escalated on an as-needed basis to the Audit Committee.
Cybersecurity Risk Role of Management [Text Block] Management’s Role
The Company has a dedicated cybersecurity organization within its technology department that focuses on current and emerging cybersecurity matters. The Company’s cybersecurity function is led by the Company’s CISO, who reports to the Company’s CIO. The Cybersecurity Leaders are actively involved in assessing and managing cybersecurity risks. They are responsible for implementing cybersecurity policies, programs, procedures, and strategies. The responsibilities and relevant experience of each of the Cybersecurity Leaders are listed below:

The CIO provides leadership for the Company’s technology department. The CIO holds an undergraduate degree from Cornell and has served in various roles in information technology for over 20 years, including Vice President, Senior Director, Manager and Consultant.

The CISO is responsible for leading the Company’s cybersecurity strategy and department while ensuring the protection of data and assets across the Company’s facilities, airports, and aircraft. The CISO has served in various roles in cybersecurity for over 15 years. The CISO earned a Bachelor of Business Administration in Management Information Systems from The University of Oklahoma and holds a Certified Information Systems Security Professional certification. The CISO also participates in the Aviation Information Sharing and Analysis Center Board and is the Vice Chair of the Cybersecurity Council at Airlines for America.
The Company’s cybersecurity department is comprised of teams that engage in a range of cybersecurity activities such as threat intelligence, incident response, security operations, vulnerability management, risk and compliance and security engineering. These teams conduct vulnerability management and penetration testing to identify, classify, prioritize, remediate, and mitigate vulnerabilities. Leaders from each team regularly meet with the Cybersecurity Leaders to provide visibility of relevant issues and seek alignment with strategy. As noted above under “Incident Response,” the Company’s cybersecurity incident response plan includes standard processes for reporting and escalating cybersecurity incidents, as appropriate, to senior management, the Audit Committee, and the Board. Cybersecurity incidents that meet certain thresholds are escalated to the Cybersecurity Leaders and cross-functional teams on an as-needed basis for support and guidance. The Company’s incident response team also coordinates, as needed, with external legal advisors, communication specialists, and other key stakeholders.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
The Company has a dedicated cybersecurity organization within its technology department that focuses on current and emerging cybersecurity matters. The Company’s cybersecurity function is led by the Company’s CISO, who reports to the Company’s CIO. The Cybersecurity Leaders are actively involved in assessing and managing cybersecurity risks. They are responsible for implementing cybersecurity policies, programs, procedures, and strategies. The responsibilities and relevant experience of each of the Cybersecurity Leaders are listed below:

The CIO provides leadership for the Company’s technology department. The CIO holds an undergraduate degree from Cornell and has served in various roles in information technology for over 20 years, including Vice President, Senior Director, Manager and Consultant.

The CISO is responsible for leading the Company’s cybersecurity strategy and department while ensuring the protection of data and assets across the Company’s facilities, airports, and aircraft. The CISO has served in various roles in cybersecurity for over 15 years. The CISO earned a Bachelor of Business Administration in Management Information Systems from The University of Oklahoma and holds a Certified Information Systems Security Professional certification. The CISO also participates in the Aviation Information Sharing and Analysis Center Board and is the Vice Chair of the Cybersecurity Council at Airlines for America.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] The CIO provides leadership for the Company’s technology department. The CIO holds an undergraduate degree from Cornell and has served in various roles in information technology for over 20 years, including Vice President, Senior Director, Manager and Consultant.
The CISO is responsible for leading the Company’s cybersecurity strategy and department while ensuring the protection of data and assets across the Company’s facilities, airports, and aircraft. The CISO has served in various roles in cybersecurity for over 15 years. The CISO earned a Bachelor of Business Administration in Management Information Systems from The University of Oklahoma and holds a Certified Information Systems Security Professional certification. The CISO also participates in the Aviation Information Sharing and Analysis Center Board and is the Vice Chair of the Cybersecurity Council at Airlines for America.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The Company’s cybersecurity department is comprised of teams that engage in a range of cybersecurity activities such as threat intelligence, incident response, security operations, vulnerability management, risk and compliance and security engineering. These teams conduct vulnerability management and penetration testing to identify, classify, prioritize, remediate, and mitigate vulnerabilities. Leaders from each team regularly meet with the Cybersecurity Leaders to provide visibility of relevant issues and seek alignment with strategy. As noted above under “Incident Response,” the Company’s cybersecurity incident response plan includes standard processes for reporting and escalating cybersecurity incidents, as appropriate, to senior management, the Audit Committee, and the Board. Cybersecurity incidents that meet certain thresholds are escalated to the Cybersecurity Leaders and cross-functional teams on an as-needed basis for support and guidance. The Company’s incident response team also coordinates, as needed, with external legal advisors, communication specialists, and other key stakeholders.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true