Canadian airline WestJet has started investigating a cyberattack that disrupted its internal systems and limited access to its mobile application. The breach has prompted the carrier to collaborate with law enforcement and Transport Canada to address the situation and mitigate its effects.
“WestJet is aware of a cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users,” the firm said in a security advisory posted on its website on Friday. “We have activated specialised internal teams in cooperation with law enforcement and Transport Canada to investigate the matter and limit impacts. We are expediting efforts to maintain the safety of our operation and safeguard sensitive data and personal information for both our guests and employees, and we apologise to all guests for any disruption to their access to WestJet’s services.”
The advisory did not specify the number of users affected. However, it indicated that it is too early to speculate on additional details or the potential scope of the incident. The company has since restored access to the airline’s website and mobile application. However, WestJet warned that users may still experience occasional interruptions or errors when interacting with the app or website.
In a new update on 15 June, WestJet confirmed that the airline’s operations continue to run safely, despite the impact on certain software and services. The company is still in the process of determining the full extent and impact of the cybersecurity incident.
It remains unclear whether the disruption was caused by a ransomware attack that encrypted systems or if systems were shut down as a precautionary measure to prevent further spread of the breach.
WestJet cyberattack highlights rising threats on critical infrastructure
WestJet, which commenced operations in 1996, currently serves more than 100 destinations across North America, Central America and the Caribbean, Europe, and Asia. The cyberattack targeting the Canadian airline forms part of a broader trend of increasing cyber threats targeting critical infrastructure in North America.
Last month, Nova Scotia Power, an electric utility owned by Emera, experienced a ransomware attack. The attack compromised certain IT systems and resulted in the online exposure of data from approximately 280,000 customers. The leaked information potentially included billing details and, for those using autopay, bank account numbers. The power utility, which provides electricity to more than 500,000 customers in Nova Scotia, confirmed that it did not pay the ransom demanded by the attackers.
United Natural Foods (UNFI), a grocery wholesale distributor which serves more than 30,000 customer locations across the US and Canada, also suffered a cyberattack recently.
Read more: Interpol’s cybercrime operation dismantles over 20,000 malicious domains
