WestJet announced a cybersecurity incident in which a sophisticated third-party actor gained unauthorized access to internal systems, exposing personal information of some customers.
The breach, discovered on June 13, 2025, has since been contained and remediated, but not before sensitive data elements were exfiltrated.
WestJet Passenger Data Exposed
WestJet’s security team first detected anomalous activity on June 13, 2025, triggering an immediate technical and forensic investigation. Attack indicators suggested a targeted compromise of systems storing passenger data.
The investigation confirmed that names, dates of birth, mailing addresses, travel documentation details (e.g., passport numbers), and ancillary booking information such as special accommodations and filed complaints were extracted.
Members of WestJet Rewards had their Rewards ID numbers and points balance at the time of the breach exposed, though passwords and full credit card numbers were not compromised.
For holders of WestJet RBC Mastercard products, only the card identifier type (such as “World Elite”) and points balance changes were accessed critical CVV codes, expiry dates, and passwords remained secure.
No guest user passwords or CVV numbers were involved, and WestJet’s operational infrastructure integrity was not jeopardized.
Upon confirming the breach, WestJet secured affected environments and engaged internal and external cybersecurity specialists.
Law enforcement agencies, including the Federal Bureau of Investigation (FBI), were notified, and WestJet continues to cooperate fully in the ongoing investigation.
Customers are advised to remain vigilant by:
- Reviewing account statements for unauthorized transactions.
- Placing fraud alerts or security freezes via Equifax, Experian, or TransUnion.
- Monitoring credit reports at www.annualcreditreport.com.
- Reporting any suspected identity theft to the Federal Trade Commission or local law enforcement.
WestJet emphasizes that the security of customer data is paramount and has implemented enhanced intrusion detection, multi-factor authentication (MFA), and regular penetration testing across its networks.
Ongoing system hardening and employee security awareness training are being accelerated to prevent future incidents.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
