Thursday, March 28, 2024

20,000 Users Affected With Air Canada Mobile App Data Breach

Air Canada issued a security notice for Air Canada Mobile App users as they detected unauthorized access to the mobile App between Aug. 22-24, 2018. It appears more than 20,000 user accounts have been accessed without proper authorization.

The attacker can extract the data stored in the Air Canada mobile App that includes name, email address, and telephone number. Also, the additional data such as Aeroplan number, Passport number, NEXUS number, Known Traveler Number, gender, birthdate, nationality, passport expiration date, passport country of issuance and country of residence.

Air Canada confirm that the payment card details are encrypted and stored as per the security standards set by the payment card industry or PCI standards.

If your account is affected then you will be receiving an email from Air Canada with instructions required to reactivate your Air Canada mobile App account, as a precautionary measure they have blocked all Air Canada mobile App user accounts and asked user’s to reset their accounts as a security precaution.

Air Canada confirm’s that the Aeroplan information was not stored in the app, so they are safe and they recommended user’s to you “monitor your Aeroplan transactions and contact Aeroplan immediately if you become aware of any unusual or unauthorized Aeroplan transactions.”

If your Air Canada account not linked with Air Canada mobile App account, then your account is not affected with the data leak.

Air Canada recommend’s customers to regularly review their financial transactions, be aware of any changes in their credit rating, and contact their financial services provider immediately if they become aware of any unusual or unauthorized transactions.

Also Read

Hackers Selling Airport Security System Credentials on Dark Web for $10

Australian Airport Hacked: Significant Amount of Security Data Stolen by Vietnamese Hacker

Boeing 757 Airplanes are Vulnerable to Remote Hacking

Website

Latest articles

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles