WestJet data breach exposes journey particulars of 1.2 million prospects

This story was up to date with new info on the variety of prospects impacted.

Canadian airline WestJet is informing prospects that the cyberattack disclosed in June compromised the non-public info of 1.2 million prospects, together with passports and ID paperwork.

WestJet is a serious airline in North America, working a fleet of 153 plane and serving 104 locations, which carry over 25 million vacationers yearly.

On June 13, the corporate disclosed a cybersecurity incident that disrupted inside programs and made the WestJet app unavailable to prospects.

Round that point, risk actors related to Scattered Spider have been focusing their assaults on organizations within the aviation business. Nonetheless, there isn’t a official attribution for the hackers behind the WestJet breach.

Quickly after the assault, BleepingComputer discovered that the risk actors breached WestJet by utilizing social engineering to reset an worker’s password and acquire entry to the community by means of Citrix.

This allowed the attackers to compromise the Home windows networks and the corporate’s Microsoft cloud community.

The WestJet data breach

Within the days following the disclosure, WestJet revealed a number of updates, assuring prospects that each one applicable measures to guard their information have been being applied. Nonetheless, the communications didn’t specify whether or not the hackers had managed to entry any delicate info.

In a data breach notification despatched to prospects and shared with authorities within the U.S., the corporate has confirmed the influence after finishing an investigation on September 15.

WestJet additionally confirmed to the Maine Legal professional Basic’s Workplace that the breach allowed the attackers to steal the information for roughly 1.2 million prospects.

In accordance with the findings, the next information sorts have been uncovered to the attackers, various per particular person: 

• Full identify
• Date of delivery
• Mailing handle
• Journey paperwork, equivalent to a passport or authorities ID
• Requested lodging
• Filed complaints
• WestJet Rewards Member ID, factors, and different info
• WestJet RBC Mastercard, WestJet RBC World Elite Mastercard, or WestJet RBC World Elite Mastercard info.

WestJet specified that no bank card or debit card numbers, expiry dates, CVV numbers, or person passwords have been compromised.

The airline famous that recipients of the notification ought to inform different people who could have flown beneath the identical reserving quantity as them, as their info might need been uncovered too.

WestJet states that it’s nonetheless figuring out the complete scope of the incident, so this preliminary discover is being circulated to these confirmed to be impacted. Nonetheless, it might not signify the whole influence of the compromise.

“We proceed to work alongside our technical specialists to find out the complete extent of the incident,” reads the letter.

“Whereas investigations of this nature are sophisticated and take time to finish, now we have labored as shortly as attainable to evaluate the information we perceive to be concerned and to establish whether or not any of your private info has been concerned.”

The corporate additionally acknowledged that the FBI is concerned within the investigations and that it has taken all the suitable measures to forestall related incidents from occurring sooner or later.

The notices additionally enclose directions on tips on how to enroll in a free 2-year identification theft safety and monitoring service, redeemable by November 30.