It’s always bad when we’re affected by security breaches. It’s even worse when our sensitive information is exposed as a result. This is exactly what’s happening to a number of WestJet users. Yikes.
Canadian airline WestJet has officially confirmed that a cyberattack first disclosed in June resulted in the breach of sensitive personal information belonging to its customers. According to notifications sent to affected individuals, the compromised data includes full names, dates of birth, and, in some cases, passport and government ID details. Not good. The confirmation comes three months after the initial incident, following an internal investigation that concluded on September 15.
The security breach was first announced by the Calgary-based airline on June 13, when it reported a cybersecurity incident that caused disruptions to some of its internal systems and rendered the WestJet mobile app temporarily unavailable. At the time, the company did not specify the extent of the data compromise, assuring customers that measures were being taken to protect their information. The perpetrator of the attack has not been officially named, but the incident occurred during a period when the hacking group known as “Scattered Spider” was reportedly targeting organizations within the aviation sector. So it wouldn’t be weird for you to connect the dots.
The investigation has now revealed that the attackers successfully accessed a wide range of customer data. The specific information exposed varies by individual but can include full names, dates of birth, mailing addresses, travel documents such as passports or other government-issued IDs, and details about requested accommodations or filed complaints. For members of the airline’s loyalty program, WestJet Rewards Member IDs, point balances, and related information may have been exposed. Additionally, information connected to WestJet RBC Mastercards was also part of the breach.
However, the airline has clarified that more critical financial data was not compromised. According to the notice, the breach did not include credit or debit card numbers, expiry dates, CVV security codes, or user passwords for WestJet accounts.
In its communication with customers, WestJet is advising that the investigation to determine the full scope of the incident is still ongoing. The current notices are being sent to individuals who have been confirmed as impacted, but the company acknowledges that this may not represent the complete list of affected travelers. The airline has also urged the primary recipients of these notifications to inform any other individuals who may have traveled under the same booking reference, as their personal information might have also been compromised in the attack.
Though it’s a Canadian airline, it has a lot of implications for US folks since they have a lot of flights in and out of the US. The Federal Bureau of Investigation (FBI) is involved in the ongoing investigation. The company also assured customers that it has implemented measures to prevent similar incidents from occurring in the future. As a precautionary measure, WestJet is offering affected customers a complimentary two-year subscription to an identity theft protection and monitoring service, which must be redeemed by November 30. It’s probably too late now, though.
Source: Bleeping Computer
