Air Canada App Breach & What the Customers Can Do Now
App Builder Appy Pie: In light of the recent discovery of a potential network break-in, Air Canada has advised the customers to reset the passwords on their mobile apps.
The notice that was sent out to all the Air Canada customers mentioned that they were able to detect an unusual login behavior with their mobile app between the dates of 22nd and the 24th of August, 2018. They also assured that immediate efforts were taken to block these attempts and additional protocols were implemented in order to protect any other unauthorized attempts.
Also, the notice further stated that all the Air Canada mobile app accounts were locked, purely as an additional security measure with the intent to protect the customers’ data.
Air Canada has confessed to an estimated 20,000 profiles of the total 1.7 million profiles which may have been accessed by the hackers. The customers or the account holders who had been affected would be mailed personally by the airlines. However, as a precautionary measure to limit the effect of this breach and ensure additional security, the airlines have advised all the customers on the mobile app to reset their passwords.
The data that was lost in the process includes the following:
- Aeroplan number
- Passport Number
- NEXUS number for expedited screening
- Known traveler number
- Date of Birth
- Passport Expiration Date
- Country that Issued the Passport, and
- Country of residence
One relief is that the airline assured their customers that the credit card information remained safe and even all the other data from its Aeroplan frequent flier program remains un-accessed during the attack. Though the passport information of some of the users was stored on the app, the data that was exposed would not be enough to get a new passport issued or any other related identity theft.
What was even more of a relief for the users was that since the Aircanada.com accounts were not linked to the mobile app accounts, they remain safe and untouched through this attack.
Though Air Canada claims that the information that was exposed in the hack attack doesn’t seem to be something that may be used by the criminals to make any fraudulent bookings or get a new passport under the users’ identity, but they are still advising the customers to be vigilant regarding their bank accounts and their Aeroplan accounts and be on the lookout for any unauthorized transactions.
The rush of activity on the mobile app this Wednesday indicated that the app users have taken the advice quite seriously and the resultant stress on the app led to users having to wait before going on to change their passwords. The airline also commented that it is due to the large volume of requests that some of the users may have to wait a little longer to change or reset their passwords.
In an environment like today, when data security and privacy have gained such great importance and there is a lot more at stake, such breaches or hack attacks only indicate that malicious entities or elements would attack every possible weak link, no matter how big an entity you or your company may be.