Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Air Canada data breach – 20,000 users of its mobile app affected

Air Canada data breach – The incident was confirmed by the company and may have affected  20,000 customers (1%) of its 1.7 million mobile app users. The data breach of the day is the one suffered by Air Canada that may have affected  20,000 customers (1%) of its 1.7 million mobile app users. The news […]

air canada data breach

Air Canada data breach – The incident was confirmed by the company and may have affected  20,000 customers (1%) of its 1.7 million mobile app users.

The data breach of the day is the one suffered by Air Canada that may have affected  20,000 customers (1%) of its 1.7 million mobile app users.

The news was confirmed by Air Canada that revealed to have detected unusual login behaviour with Air Canada’s mobile App between Aug. 22-24, 2018, it added that financial data was protected but invited to remain vigilant for fraudulent credit card transactions.

“We detected unusual login behaviour with Air Canada’s mobile App between Aug. 22-24, 2018. We immediately took action to block these attempts and implemented additional protocols to protect against further unauthorized attempts. As an additional security precaution, we have locked all Air Canada mobile App accounts to protect our customers’ data.” reads the data breach notification.

“Your credit card information is protected. Credit cards that are saved to your profile are encrypted and stored in compliance with security standards set by the payment card industry or PCI standards.  As a best practice, customers should always monitor their transactions and credit rating carefully and contact their financial services provider immediately if they become aware of any unusual or unauthorized activities.”

The company has asked Mobile+ app users to reset their accounts as a security precaution. Air Canada contacted potentially affected customers by email to notify the data breach.

Air Canada immediately took action to lock out unauthorized attempts and implemented additional security measures to protect its mobile users.

The most disconcerting aspect of the Air Canada data breach is that attackers may gave accessed additional data including customer’s passport number, passport expiration date, passport country of issuance and country of residence, Aeroplan number, known traveler number, NEXUS number, gender, date of birth, and nationality.

All this data could have been saved in their profile section of the Air Canada mobile app.
air canada data breach

At the time it is still unclear the root cause of the Air Canada data breach, the company urges users to reset their passwords.

All 1.7 million accounts have been temporarily locked until the customers change their passwords.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Air Canada data breach, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]