Air Canada says 20,000 Mobile App Users victimized by Data Breach

Air Canada’ the biggest Canada’s airline company has notified about the data breach involving about 20,000 of its mobile app users. The accident got spotted between August 22 and 24. This was the time when company detected suspicious log-in actions and figured out some hackers have managed to get through passwords and access personal user’s information.


WATCH ABOVE: Approximately 1.7 million Air Canada customers who use the airline’s web app have been guided to reset passwords after the company accept that it has suffered a serious data security breach.

Because of this breach, company has locked down all the 1.7 million accounts as a precaution, till the time customers update their passwords.

Besides, users have also been emailed instructions on how to log in to the app and change passwords.

WATCH BELOW: Management team at Air Canada says, about 20,000 out of its 1.7 million app users might have compromised their personal information.


The company estimates about 1% of the total 1.7 million people utilizing the app might have been compromised.

Air Canada mobile app have been notified storing basic information such as the user’s name, telephone number and email address. All these information can get improperly accessed.

Despite of all this, any credit card information stored in the app cannot get accessed, as they are encrypted, the company says.

Personal Data That Can Get Compromised

Data such as customer’s passport number, Aeroplane number, Nexus number, known traveller number, birth date, gender, passport expiration date, nationality, passport country of issuance and country of residence could get accessed. This would happen in a case if users had save them in their profile onto the app.

Thus it is better not to enter any valuable personal information into apps, says Reid Fiest.

Regardless of all this breaching, as long as app users still have their respective passport and other pieces of supporting documentation, the risk of someone filing and receiving a new passport in their names is low.

According to the company,

Any sort of improper log-in activity has not been detected since last Friday, and it is in the procedure of contacting the 20,000 people directly affected.

Meanwhile, the company has locked down all the mobile app accounts and is instructing users to change the passwords.

However, many users on social media have reported difficulties in doing so, most likely because of the volume of people trying to log on.

Company Air Canada suggested anyone looking to get into app to keep attempting.


About Air Canada data breach, Chester Wisniewski, principal research scientists at cyber security firm Sophos says, any theft information is not likely to be overly problematic. However it still raise more concerning questions about practices behind the scenes.

He said, “You never want someone to know your name, your birthday and your passport”.

According to him,

The company was not targeted by professional hackers, but simply caught off-guard by an enterprising cyber-criminals.

“I suspect hackers stumbled across a bug in the API”, scientists says, referring to the acronym for the application programming interface which is how the app establishes communication with Air Canada’s app servers on the back end.

He further said, “I don’t think the crooks were targeting Air Canada or were stealing specific info. Instead there are just numerous hackers scrolling the web looking for doors that are ajar”.

“In a case if they find a door which is open, they will start monkeying around”.

Scientists says, the company has advised all customers – even those who’s information wasn’t violated – to update their passwords.

Now since, it’s limited to only eight characters, he said, “their password policy was rather antiquated that suggests they weren’t doing it right to begin with”.

So, this was about the data breach incident which occurred recently in Air Canada app.

Data breach besides from this, might happen in several other cases also. Among-st them, virus infection is the most prone ones.

One can lose his/her vital data stored in the PC because of the virus intrusion in it. So, if suffering from the similar situation and has lost data, SpyHunter antimalware program is for you.


Being equipped with numerous powerful as well as enhance programming skills, SpyHunter performs a deep scanning of the system. It via this traces the exact location of even those threats that easily bypasses the scanning of the most well-known antimalware programs.

Leave a Comment