Canadian airline WestJet has alerted customers that a June cybersecurity incident compromised their personal information including passports and ID documents. This isn’t good for reasons that I will get into shortly. In the meantime, Erich Kron, CISO Advisor at KnowBe4, provided the following comments:
“It is very unfortunate that WestJet became a victim of yet another ransomware attack in the aviation space. For victims who had their data stolen, this could be a significant problem as modern air travel requires that people provide a lot of information to airlines as required by various governments. The information stolen, such as passport information or government identification, along with the other personal information such as more typical addresses and date of birth, can be enough to facilitate some significant identity theft. The fact that accommodations were among the list of information stolen can also have a more significant impact both by attackers scamming the victims, and for WestJet if the leakage of medical information violates any regulatory rules.
“A number of recent attacks such as this use social engineering, telephone calls specifically, to get help desk employees to reset passwords or multi-factor authentication information for accounts, such as employee accounts, that attackers are targeting. Once they’ve gained access to a legitimate account, it can be used to perpetuate other attacks against others within the organization, or to impact systems that can be used to steal information or spread malware such as ransomware.
“Organizations of every size and across every industry need to ensure that they are taking precautions to manage human risk, especially for those that are outward facing or in roles such as customer service employees. A good human risk management (HRM) program should address these types of attacks along with those sent through email or text messages and look at ways to manage other types of human risk such as accidental errors as well.”
This is going to be a huge problem for anyone who is affected by this hack. Those affected are going to be prime targets for identity theft and the like. Thus those affected should be on guard for secondary attacks on them.
UPDATE: Paul Bischoff, Consumer Privacy Advocate at Comparitech, provided the following comment:
“Most of the data exposed in this attack does not pose a direct threat to WestJet customers, but it could be used to craft personalized and convincing phishing messages. Be on the lookout for phishing emails and text messages from scammers posing as WestJet or a related company. Never click on links or attachments in unsolicited emails.
Affected customers should also keep an eye on their frequent flyer accounts. Hackers could try to steal your air miles or hijack your frequent flyer account and sell it on the dark web. (https://www.comparitech.com/blog/information-security/how-much-are-stolen-frequent-flyer-miles-worth-on-the-dark-web/).”
Related
This entry was posted on October 1, 2025 at 10:33 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
WestJet Hack Exposed PII Of Customers…. Yikes!
Canadian airline WestJet has alerted customers that a June cybersecurity incident compromised their personal information including passports and ID documents. This isn’t good for reasons that I will get into shortly. In the meantime, Erich Kron, CISO Advisor at KnowBe4, provided the following comments:
“It is very unfortunate that WestJet became a victim of yet another ransomware attack in the aviation space. For victims who had their data stolen, this could be a significant problem as modern air travel requires that people provide a lot of information to airlines as required by various governments. The information stolen, such as passport information or government identification, along with the other personal information such as more typical addresses and date of birth, can be enough to facilitate some significant identity theft. The fact that accommodations were among the list of information stolen can also have a more significant impact both by attackers scamming the victims, and for WestJet if the leakage of medical information violates any regulatory rules.
“A number of recent attacks such as this use social engineering, telephone calls specifically, to get help desk employees to reset passwords or multi-factor authentication information for accounts, such as employee accounts, that attackers are targeting. Once they’ve gained access to a legitimate account, it can be used to perpetuate other attacks against others within the organization, or to impact systems that can be used to steal information or spread malware such as ransomware.
“Organizations of every size and across every industry need to ensure that they are taking precautions to manage human risk, especially for those that are outward facing or in roles such as customer service employees. A good human risk management (HRM) program should address these types of attacks along with those sent through email or text messages and look at ways to manage other types of human risk such as accidental errors as well.”
This is going to be a huge problem for anyone who is affected by this hack. Those affected are going to be prime targets for identity theft and the like. Thus those affected should be on guard for secondary attacks on them.
UPDATE: Paul Bischoff, Consumer Privacy Advocate at Comparitech, provided the following comment:
“Most of the data exposed in this attack does not pose a direct threat to WestJet customers, but it could be used to craft personalized and convincing phishing messages. Be on the lookout for phishing emails and text messages from scammers posing as WestJet or a related company. Never click on links or attachments in unsolicited emails.
Affected customers should also keep an eye on their frequent flyer accounts. Hackers could try to steal your air miles or hijack your frequent flyer account and sell it on the dark web. (https://www.comparitech.com/blog/information-security/how-much-are-stolen-frequent-flyer-miles-worth-on-the-dark-web/).”
Share this:
Like this:
Related
This entry was posted on October 1, 2025 at 10:33 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.