WestJet Cyber Attack Causes Travel Disruption

WestJet confirmed it had been the target of a sophisticated cyberattack that caused significant disruption for customers. The incident was first detected on June 13, when suspicious activity was identified across the airline’s digital systems. Although flight operations and aircraft safety were not compromised, customers encountered service interruptions, particularly when attempting to access bookings through the airline’s website and mobile application.
Subsequent investigations revealed that unauthorized actors had gained access to sensitive customer data. The compromised information included names, dates of birth, email addresses, phone numbers, mailing addresses, recent booking records, and details from government issued travel documents such as passports. WestJet clarified that payment card information and user passwords were not impacted, and the airline has seen no evidence of misuse of WestJet Rewards passwords or loyalty points.
To address the incident, WestJet engaged external cybersecurity specialists, notified federal authorities including the Office of the Privacy Commissioner of Canada and Transport Canada, and took steps to strengthen its digital defenses. Affected individuals have been offered complimentary identity protection and credit monitoring services through Cyberscout and TransUnion. The airline further emphasized its commitment to customer trust and stated that additional security enhancements are being implemented as part of the containment and recovery process.