Air Canada App Data Breach involves Passport Numbers

Air Canada App Data Breach involves Passport Numbers

Air Canada’s app has suffered a data breach resulting in the suspected loss of thousands of its customers’ personal details.

The airline has warned that users who had entered their passport details into the product may have had that data stolen.

Experts warn that the theft of such information would pose a serious ID fraud risk.

The firm has also been criticised for its relatively weak password system.

Security consultant at Synopsys, Amit Sethi, said: "Many users will choose short and easily guessable passwords.

"Moreover, users that want to use strong passwords cannot do so."

According to the Canadian government’s own cybersecurity advice, all passwords should “include at least one character that isn’t a letter or number” and be a minimum length of eight characters.

The firm said it has adopted “improved password guidelines”.

Air Canada said that it detected unusual login activity between 22nd August and 24th August and decided to lock down all 1.7 million of its accounts as a consequence.

It believes data has been stolen from about 20,000 of these, and has informed members of this group via email.

The airline says customers’ credit card details were encrypted, so should not be at risk.

But basic profile data that could have been exposed includes names, email addresses and phone numbers.

print this article

Return to internet news headlines
View Internet News Archive

Share with: