WestJet reports disclosure of rewards program data from unauthorized third party

WestJet reported on Friday that it has “become aware that some WestJet Rewards member profile data has been disclosed online by an unauthorized third party.”

A WestJet aircraft is seen in Pearson International Airport on Friday, July 28, 2017. THE CANADIAN PRESS/Christopher Katsarov

None of the data contained credit card or banking information, Calgary-based WestJet noted in a statement, but the airline encouraged all WestJet Rewards members to update their passwords on a regular basis.

WestJet said that it has taken “immediate steps to secure affected systems and has been working closely with the Calgary Police Service and the RCMP cybercrime unit in its investigation.” The Office of the Information and Privacy Commissioner of Alberta and the Office of the Privacy Commissioner of Canada has been informed.

“The privacy and protection of our guests’ information is a matter we take very seriously and we have worked swiftly and aggressively to resolve this incident,” said Craig Maccubbin, WestJet executive vice president and chief information officer, in the statement. “WestJet is in the process of contacting affected guests and we deeply regret any inconvenience this may cause.”

The airline added that it continues to work together with government, law enforcement agencies and the technology industry to combat the growth of hacking and other cybercrimes.

The announcement came as the airline issued a travel advisory for Florida in relation to Tropical Storm Emily, advising of flight delays or cancellations for all customers travelling to or from the state on Monday.

The Associated Press reported on Monday that Florida Gov. Rick Scott declared a state of emergency in 31 of Florida’s 67 counties due to the storm. Tropical Storm Emily made late-morning landfall along the coast and was expected to cross the Florida peninsula within hours. A flood watch was also in effect for much of the Tampa area and heavy rainfall is expected.