WestJet Breach Exposes Passport Data: A Growing Threat to Airlines and Insurers
WestJet has confirmed that a cyberattack earlier this year led to the theft of sensitive passenger data, including information from government-issued travel documents such as passports. While payment card details and passwords were not compromised, other stolen data may include names, dates of birth, contact information, gender, and booking records. The breach, detected on June 13, prompted the airline to offer two years of free identity monitoring to those affected, while the Office of the Privacy Commissioner of Canada opened an inquiry.
This incident is part of a broader wave of attacks targeting the airline industry, with Hawaiian Airlines and Qantas also reporting breaches. Security experts believe the same sophisticated threat group, Scattered Spider, is responsible, leveraging advanced social engineering to bypass multi-factor authentication. The breach underscores not only the vulnerability of legacy airline systems but also the growing insurance challenges in underwriting cyber risk for data-rich sectors. Analysts stress that both airlines and insurers must strengthen identity verification, privileged access management, and vendor oversight to mitigate future threats.
#WestJet #CyberAttack #DataBreach #PassportData #AviationSecurity #AirlineBreach #IdentityTheft #CyberRisk #PrivacyBreach #ScatteredSpider #CyberThreats #Cybersecurity #TravelSecurity #InsurTech #RiskManagement #ThreatActors #Phishing #SIMSwapping #MFABypass #LegacySystems #CyberAwareness #DataProtection #AirlineIndustry #CyberInsurance #FraudPrevention #IncidentResponse #AviationRisk #PersonalData #DigitalSecurity #BreachResponse
