Air Canada is requesting a password reset for the entire 1.7 million user base of its mobile app. The reset follows the detection of unusual login behavior between August 22nd and August 24th, raising the suspicion that 20,000 user accounts held within the airline's mobile app had been compromised.
The information that may have been leaked in the breach possibly included customers' passport number; passport expiration date; passport country of issuance and residence; NEXUS number; Aeroplan account number; and personal details such as gender, date of birth, and nationality. Payment card information was protected and is not believed to have been exposed in the breach.
It should be noted that Air Canada was able to detect the suspicious login activity almost immediately, which then led to the discovery of the breach.
Proficio Threat Intelligence Recommendations:
- Log hosted web application activity to enable monitoring and auditing of the app.
- Have a monitoring solution in place for web application authentication activity.
- Have a breach notification procedure in place for hosted web applications.
- Users should use secure and complex passwords to protect their accounts.
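
One way to act on the authentication-monitoring recommendation, shown as an added example that is not part of the original advisory. It assumes a hypothetical key=value log format and illustrative thresholds, treats one source address attempting many distinct accounts in a short window as the unusual behavior to detect, and lists the accounts that source logged in to as candidates for reset and notification. The log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in a hypothetical key=value auth log format;
# addresses are documentation ranges, user names are made up.
SAMPLE_LOG = """\
2024-01-01T03:00:01Z src=203.0.113.7 user=alice result=FAIL
2024-01-01T03:00:05Z src=203.0.113.7 user=bob result=FAIL
2024-01-01T03:00:09Z src=203.0.113.7 user=carol result=OK
2024-01-01T03:00:12Z src=203.0.113.7 user=dave result=FAIL
2024-01-01T03:00:20Z src=203.0.113.7 user=erin result=OK
2024-01-01T03:01:00Z src=198.51.100.20 user=frank result=FAIL
2024-01-01T03:01:30Z src=198.51.100.20 user=frank result=OK
-- log rotated --
2024-01-01T03:02:00Z src=198.51.100.33 user=gina result=OK
"""

LINE_RE = re.compile(r"^(\S+) src=(\S+) user=(\S+) result=(OK|FAIL)$")

def parse(log_text):
    """Yield (timestamp, src, user, ok); lines not matching LINE_RE are skipped."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
        yield ts, m.group(2), m.group(3), m.group(4) == "OK"

def review_auth_activity(log_text, window=timedelta(minutes=5), max_users=3):
    """Flag sources that try more than max_users distinct accounts within one
    sliding window, and list the accounts those sources logged in to."""
    recent = defaultdict(deque)   # src -> (ts, user) attempts inside the window
    successes = defaultdict(set)  # src -> accounts with a successful login
    flagged = set()
    for ts, src, user, ok in sorted(parse(log_text)):
        q = recent[src]
        q.append((ts, user))
        while ts - q[0][0] > window:  # drop attempts older than the window
            q.popleft()
        if len({u for _, u in q}) > max_users:
            flagged.add(src)
        if ok:
            successes[src].add(user)
    to_reset = sorted({u for s in flagged for u in successes[s]})
    return sorted(flagged), to_reset

if __name__ == "__main__":
    print(review_auth_activity(SAMPLE_LOG))
```

The window and threshold are starting points to tune against normal traffic; shared egress addresses such as carrier NAT can legitimately carry many accounts.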