WestJet confirms cyber breach exposed sensitive details of customers

The second-largest Canadian airline, WestJet Airlines, has confirmed that some personal details belonging to its passengers had been stolen in a June cyberattack.

WestJet detected suspicious activity on June 13th, when criminals temporarily accessed its systems, stealing passenger data.

The airline confirmed that data can vary from person to person but may include names, dates of birth, contact information, gender, information about the travel document used when travelling with WestJet, and recent booking records, including reservation numbers.

It is particularly worrying that cybercriminals could have accessed customers’ personal documents (such as their passports or other government-issued identification documents) since these can be used for a variety of criminal purposes.

However, no credit card numbers, debit card details, or user passwords were reportedly compromised.

WestJet claims it is “treating this incident with the utmost urgency and attention” and has added extra security measures to prevent future breaches.

Additionally, the company offered affected passengers free identity theft and credit monitoring for 24 months in partnership with TransUnion Canada. Customers can also interact with “Identity Restoration agents”, ready to talk them through questions about identity theft.

In the event of fraud, there is up to $1,000,000 of expense reimbursement insurance available.

An investigation is currently underway, and it remains unclear who’s responsible for the incident or how they gained access to the airline’s systems.