Canadian Airline WestJet discloses cybersecurity breach

Canadian carrier WestJet announced on Monday that the personal information of some passengers was exposed in a cybersecurity breach earlier this year, although no payment data was compromised. The airline detected suspicious activity on June 13 and later determined that a "sophisticated, criminal third party" had gained unauthorized access to its systems.

The aviation industry’s growing dependence on complex digital systems and vast stores of passenger data has made it an increasingly attractive target for cybercriminals. Earlier this month, a ransomware attack on Collins Aerospace, a unit of RTX, disrupted operations across major European airports, crippling check-in and baggage systems at popular hubs such as London’s Heathrow and Berlin.

WestJet said the type of data exposed in the breach varied but could include names, contact details, travel information, and documents tied to reservations. However, no credit card and debit card numbers, expiration dates, and CVV numbers were obtained during the breach.

In a notice to US residents on Monday, the carrier said it had worked closely with law enforcement agencies, including the Federal Bureau of Investigation and the Canadian Centre for Cyber Security. It also notified relevant authorities, including the attorneys general of US states where residents were affected.

Article Information

Published On Oct 1, 2025 at 09:07 AM IST

Join the Community

Join the community of 2M+ industry professionals. Subscribe to Newsletter to get latest insights & analysis in your inbox.

Stay Updated on the Go

All about ETCISO industry right on your smartphone!

Note: The original content has been rewritten to retain its meaning and length while keeping the proper headings and titles as required. The HTML tags and other non-essential elements have been removed to make the content more readable.