Saturday, December 2, 2023

20,000 Users Affected With Air Canada Mobile App Data Breach

Air Canada issued a security notice for Air Canada Mobile App users as they detected unauthorized access to the mobile App between Aug. 22-24, 2018. It appears more than 20,000 user accounts have been accessed without proper authorization.

The attacker can extract the data stored in the Air Canada mobile App that includes name, email address, and telephone number. Also, the additional data such as Aeroplan number, Passport number, NEXUS number, Known Traveler Number, gender, birthdate, nationality, passport expiration date, passport country of issuance and country of residence.

Air Canada confirm that the payment card details are encrypted and stored as per the security standards set by the payment card industry or PCI standards.

If your account is affected then you will be receiving an email from Air Canada with instructions required to reactivate your Air Canada mobile App account, as a precautionary measure they have blocked all Air Canada mobile App user accounts and asked user’s to reset their accounts as a security precaution.

Air Canada confirm’s that the Aeroplan information was not stored in the app, so they are safe and they recommended user’s to you “monitor your Aeroplan transactions and contact Aeroplan immediately if you become aware of any unusual or unauthorized Aeroplan transactions.”

If your Air Canada account not linked with Air Canada mobile App account, then your account is not affected with the data leak.

Air Canada recommend’s customers to regularly review their financial transactions, be aware of any changes in their credit rating, and contact their financial services provider immediately if they become aware of any unusual or unauthorized transactions.

Also Read

Hackers Selling Airport Security System Credentials on Dark Web for $10

Australian Airport Hacked: Significant Amount of Security Data Stolen by Vietnamese Hacker

Boeing 757 Airplanes are Vulnerable to Remote Hacking


Latest articles

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles