LOGO

WestJet Data Breach: 1.2 Million Passengers Affected

October 1, 2025
Topics:Canadacybersecuritydata breachQantasScattered SpiderSecurityTransportationwestjet
WestJet Data Breach: 1.2 Million Passengers Affected

WestJet Data Breach Impacts 1.2 Million Passengers

WestJet, Canada's second-largest airline, has reported a significant data breach. A cyberattack earlier in the year resulted in the compromise of personal information belonging to approximately 1.2 million passengers.

Details of the Breach

The airline revealed the scale of the incident in a filing with the Attorney General of Maine. This filing confirmed that at least 240 residents of Maine were among those affected by the security lapse.

The data potentially accessed by attackers encompasses a range of passenger details. This includes passenger names, dates of birth, and postal addresses.

Sensitive Information Compromised

Travel documents were also potentially stolen. These documents include sensitive information such as passport details and other government-issued identification.

Furthermore, data relating to passenger requests and complaints, as well as accommodations made during travel, may have been compromised.

Impact on Rewards Programs

WestJet also indicated that customer rewards information could have been accessed. This includes points balances and other details associated with passenger reward accounts.

Timeline of Events

The airline initially disclosed a security incident in June. This disclosure followed the discovery that its systems had been breached and data had been extracted from its network.

When contacted by TechCrunch via email, WestJet spokesperson Jennifer Booth did not respond to inquiries regarding the specifics of the breach.

Attribution and Potential Actors

Reports suggest a connection between the WestJet breach and a hacking group known as Scattered Spider. This group is characterized as financially motivated and comprised primarily of young, English-speaking individuals.

Scattered Spider is known for employing social engineering tactics. They frequently target IT help desks, attempting to persuade employees to grant unauthorized network access.

Industry-Wide Targeting

Earlier this year, both the FBI and various cybersecurity firms issued warnings. These warnings highlighted that Scattered Spider was actively targeting companies within the transportation and aviation sectors.

Qantas, an Australian airline, was reportedly a previous target of the same group. That incident resulted in the theft of personal information from over 6 million customers.

  • Affected Parties: Approximately 1.2 million WestJet passengers
  • Data Compromised: Names, dates of birth, addresses, travel documents, rewards information
  • Suspected Group: Scattered Spider
#WestJet#data breach#airline security#passenger data#cybersecurity#Canada

Related Posts

FTC Upholds Ban on Stalkerware Founder Scott Zuckerman

FTC Upholds Ban on Stalkerware Founder Scott Zuckerman

Google Details Chrome Security for Agentic Features

Google Details Chrome Security for Agentic Features

Petco Data Breach: SSNs, Driver's Licenses Exposed

Petco Data Breach: SSNs, Driver's Licenses Exposed

Petco Data Breach: Customer Data Exposed - What You Need to Know

Petco Data Breach: Customer Data Exposed - What You Need to Know

Intellexa Spyware: Direct Access to Government Espionage Victims

Intellexa Spyware: Direct Access to Government Espionage Victims

Smart Toilet Camera Encryption Flaws | Security Concerns

Smart Toilet Camera Encryption Flaws | Security Concerns