WestJet confirms a cyberattack compromised passenger details, including passports. Credit card data remains secure. Investigation underway.
Data Breach Discovered
WestJet has confirmed that a cyberattack earlier this year resulted in the theft of some passenger personal information, including passport details. The airline said Monday that while payment card data and account passwords were not compromised, other sensitive information was accessed.
Nature of the Stolen Information
The breach exposed varying data depending on the passenger, potentially including full name, date of birth, email, mailing address, phone number, gender, recent travel booking history, and booking reference numbers. WestJet also confirmed that travel document details, such as passports or government-issued IDs, may have been taken.
Security Risks and Response
The airline warned that the stolen information could be used for identity theft or fraud. As a preventive measure, WestJet is offering affected customers free identity theft protection and monitoring services for 24 months.
Timeline of Events
Suspicious activity was first detected on June 13, 2025, prompting a security review. WestJet determined that cybercriminals had gained temporary access to parts of its systems during that period. The company has not disclosed how many customers were impacted.
Regulatory Investigation
Canada’s Office of the Privacy Commissioner has launched a formal investigation into the breach. WestJet says it is cooperating fully with authorities and has enhanced its cybersecurity protocols to prevent future incidents.
Passenger Advisory
WestJet advises all affected customers to remain vigilant, monitor their accounts for unusual activity, and take advantage of the provided identity protection services.
© 2025 Mapple News Wire
