Cyber insurance is back in the spotlight again with Air Canada contacting customers about a breach of its mobile app that may have exposed the personal information of around 20,000 people, representing 1% of the app’s users, as reported by CBC. The airline has since locked down all 1.7 million of its accounts on the app as a precaution, and is advising customers to change their passwords.
In an email obtained by CBC, Air Canada noted that it “recently detected unusual log‑in behaviour with Air Canada’s mobile App between Aug. 22‑24, 2018.”
The personal information found on the app, including users’ names, email addresses, and telephones numbers, all could have been improperly accessed. A customer’s Aeroplan number, passport number, country of issuance, and country of residence could also have been accessed, if users had saved the information in their profile - though the government says the risk of an individual filing for and acquiring a new passport in someone else’s name is low.
The company has, however, stated that credit card information on the app would have been encrypted and thus protected from access.
The airline reported that it hasn’t detected any improper log-in activity since August 24 and is now contacting the 20,000 people affected by the breach.
