Personal data from 20,000 Air Canada users may have been compromised, the company announced this Tuesday. Hackers probably got their hands on people's names, email addresses and telephone numbers, as well as gender, birthdate, nationality, but also passport numbers, passport expiration date, passport country of issuance and country of residence.
These information were also probably accessed: Aeroplan number, NEXUS number, Known Traveller Number.
Announcing the unfortunate event, Air Canada said it detected unusual login behaviour with Air Canada’s mobile App between Aug. 22-24, 2018.
“We immediately took action to block these attempts and implemented additional protocols to block further repeated unauthorized attempts. As an additional security precaution, we have locked all Air Canada mobile App accounts to protect our customers’ data.”
The company will mail everyone who it thinks may have been affected by the breach, it said. These 20,000 people amount to roughly one per cent of its entire userbase, which is roughly 1.7 million strong.
It advises everyone to change their passwords, as a precautionary measure.
Air Canada did add that the risk of passport theft is low because the information possibly stolen is not enough to obtain the full passport.
“According to the website, the Government of Canada cannot issue a new passport to anyone based only on the information found in a passport”, the company said.
"Your privacy and the protection of your data are extremely important to Air Canada," the airline said. "Our security is multi-layered, and we work with leading industry experts to continuously improve our practices as technology and security procedures evolve."
Image source: Shutterstock/AlexLMX