Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Canadian airline WestJet has revealed that 1.2 million of its customers were impacted in the data breach it suffered this year.
Based in Calgary, Alberta, WestJet is the second-largest airline in Canada and the eighth-largest airline in North America.
Earlier this year, the airline said it was investigating a cyber incident alongside Transport Canada and law enforcement, which was later claimed by the Scattered Lapsus$ Spider hacking supergroup.
“We are expediting efforts to safeguard sensitive data and personal information for both our guests and employees,” the company said.
The company revealed that the data of some of its US customers was exposed in the cyber attack earlier this week, but has now disclosed that approximately 1.2 million customers were impacted, according to the Office of the Maine Attorney General.
“The types of personal information involved by this incident vary by individual but may include your name, date of birth, mailing address, information about the travel document you used when travelling with WestJet (such as your passport or other government-issued identification document or number) and other information associated with your travel needs such as accommodations requested or complaints filed,” the company said in a data breach notification seen by Cyber Daily.
“No credit card or debit card numbers, expiry dates or CVV numbers or account passwords were involved.”
WestJet added that its Rewards Members were also impacted, with membership details such as rewards ID numbers and points balances on the data of the incident, as well as other linked information may have been compromised.
“If you are a WestJet RBC Mastercard, WestJet RBC World Elite Mastercard, or WestJet RBC World Elite Mastercard for Business cardholder, additional information linked to your WestJet Rewards account may have also been involved,” the company said.
“This may include a credit card identifier type (e.g. ‘World Elite’), and information about changes to your WestJet points balance. Your credit card number, expiration date and CVV are not involved.”
Regarding bookings, WestJet also said that customers should inform other individuals who may have flown under the same booking number of the incident, as some of their information may have been compromised.
The company has said that its investigation is ongoing and that the full scope of the cyber incident is still being determined.
“Containment is complete, and some additional system and data security measures have been implemented,” the company said in an update this week.
“However, analysis is ongoing, and WestJet will continue to take measures to further enhance its cyber security protocols.”
WestJet has also reassured customers that at no point was customer safety or the operation of its services impacted as a result of the cyber incident.
Be the first to hear the latest developments in the cyber industry.
