WestJet, a Canadian commercial airline, on Monday said hackers were able to steal certain data, including some passenger information, in a previously disclosed June cyberattack.
The carrier has not specifically identified the attackers, but said the hackers were a “sophisticated, criminal third-party,” that gained unauthorized access to the company’s systems during the June 13 attack.
WestJet posted a notice specifically for U.S. passengers on its website. The airline listed address information for the Federal Trade Commission and various state attorneys general, where customers could turn if they suspect their identities had been stolen.
The airline said the stolen data varies from person to person. It could include names, contact information and certain details related to passenger reservations. In addition, the information could relate to a customer’s relationship with WestJet.
No credit card numbers, expiration dates or CVV numbers were taken, and the hacked data did not include any user passwords, according to the airline.
The airline warned that it is possible some of the stolen data could be further exploited for identity theft or other fraudulent use, but thus far WestJet officials are not aware of any such abuse.
The airline has been working with third-party forensic experts to continue an investigation into the incident. The attack was contained, and the company has taken additional measures to prevent such an attack from happening again.
WestJet is working with various governments and authorities, including Transport Canada, the Canadian Centre for Cyber Security and Office of the Privacy Commissioner of Canada. The company is also working with various law enforcement and international government agencies.
The attack took place around the same time that Scattered Spider, the English-speaking cybercrime group, began to pivot its attack spree away from retail and into the insurance industry, as well as the airline and transportation sector.
During that same period, other major carriers, including Hawaiian Airlines and later Qantas, disclosed attacks. Scattered Spider has been coordinating certain attacks with other groups, according to researchers, therefore some of these attacks may have used similar social engineering tactics without being directly the work of Scattered Spider.
