Air Canada Data Breach Affects 20,000 Users Of Its Mobile App

  • 90
  •  
  •  
  •  
  •  
  •  
  •  
    90
    Shares

After targeting various companies belonging to the telecom, financial, educational, and medical industries, hackers have now turned their attention to an airline to satiate their craving for data. According to the reports, some unknown attackers accessed the database of Air Canada. Supposedly, the Air Canada data breach affected around 20,000 customers using their mobile app.

Air Canada Data Breach Exposed Personal Details Of Customers

On August 28, 2018, Air Canada uploaded a notice on their website about a security breach incident. Reportedly, the airline noticed an unauthorized access to its mobile app. As a result, this Air Canada data breach exposed personal details of around 1% of the airline’s customers. As claimed by the airline, they have around 1.7 million mobile app users, which hint up to 20,000 customers affected in the incident.

According to their notice, Air Canada noticed “unusual login behavior” on their mobile app between August 22 and 24, 2018. They suspect that this unauthorized access may have inadvertently exposed customer details to the attackers. This may include personal details that the users enter on the app, such as names, contact numbers, email addresses, genders, dates of birth, residence, nationality, passport numbers, country of issuance of passports and their expiration dates, NEXUS numbers, Aeroplan number, Known Traveler Number, and credit card details.

However, the company states that the credit card numbers remained unaffected in the breach.

“Credit cards that are saved to your profile are encrypted and stored in compliance with security standards set by the payment card industry or PCI standards.”

Whereas, regarding the Aeroplan numbers, the app does not store this data. However, the airline still advises the customers to keep a check on all transactions.

Customers Locked Out Of Apps As Precaution

After noticing the unusual activity, Air Canada officials quickly blocked the unauthorized accesses. However, they also had to lock out customers from the app as a precaution.

“As an additional security precaution, we have locked all Air Canada mobile App accounts to protect our customers’ data.”

Therefore, all 1.7 million customers of Air Canada have to sign in again to the apps. Air Canada has begun sending emails to the customers with instructions to reset logins. They are also sending emails to the customers affected by the breach.

While Air Canada adequately disclosed the breach in their notice, the source behind the attack still needs to be identified. It is not yet known whether the attackers directly targeted the airline’s systems, or if Air Canada has become another victim of third-party data breach.

Let us know your thoughts in the comments section.

The following two tabs change content below.
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!