The Canadian airline is informing the Westjet customers that the cyber attack in June compromised on their sensitive information including passports and ID documents.
Westjet is a major airline in North America that operates a fleet of 153 aircraft and 104 destinations of services carrying more than 25 million passengers annually.
On 13 June, the company revealed a cyber security incident that disrupted some internal systems and made the Westjet app unavailable to customers.
Around that time, a group of scattered spider threats focused on their attacks on organizations in the aviation industry. However, there is no official feature for hackers behind Westjet Brech.
In the days after disclosure, Westjet Published many updates Assuring customers that all appropriate measures were being implemented to protect their data, but communication did not specify if the hackers managed to reach any sensitive information.
Notification to customers The US was shared with officials and confirms the impact based on the results of the investigation, which the company completed on 15 September.
According to the findings, the following data types are made aware of the attackers, per capita separate:
- Full name
- Date of birth
- Postal address
- Travel documents such as passport or government ID
- Requested accommodation
- Complaints filed
- Westjet Member ID, Marks and Other Information Awards
- Westjet RBC MasterCard, Westjet RBC World Elite MasterCard, or Westjet RBC World Elite MasterCard information.
Westjet specified that no credit card or debit card number, expiry dates, CVV number, or user passwords were compromised.
The airline said that the recipients of the notification should inform other persons who can fly under the same booking number, as their information may also be revealed.
The Westjet states that it is still trying to determine the full scope of the incident, so this initial notice is being confirmed to be affected. However, this cannot represent the full impact of the agreement.
“We continue to work with our technical experts to determine the entire limit of the event,” reads the letter.
“While the investigation of this nature is complex and it takes time to complete, we have worked quickly to review the data that we understand to join and to find out if you include any personal information.”
The company also said that the FBI is involved in the investigation and it has taken all the appropriate measures to prevent the same future incidents.
Notices also attach the instructions to enroll a free 2-year identity in theft protection and monitoring service, redeemed by 30 November.
Bleepingcomputer has reached the Westjet to inquire about the number of affected customers, and we will update this post with their response.
attend Violation and attack simulation summit And experience Future of security verificationListen to top experts and see how AI-managed base Breach is changing and attacking simulation.
Do not remember the event that will shape the future of your safety strategy
