Air Canada mobile app breached

The company said it “detected unusual login behaviour” between 22^nd-24^th August and has asked all users of the mobile app to reset their passwords.

Around one per cent of the app’s 1.7m registered user profiles – 20,000 accounts – may have been improperly accessed, the company said in a notice on its website. Customers potentially affected by the breach have been contacted by email and the company has locked mobile app user accounts.

Hackers may have accessed basic profile data stored on the app, including names, email addresses and telephone numbers, but users can also add more sensitive information including their passport number, expiration date and country of issuance, gender, date of birth, Known Travel Number and nationality.

The company said credit card information stored on the app is protected as details are encrypted. 

Passengers can also add the number for their Aeroplan account, Air Canada’s loyalty programme. The company said Aeroplan passwords are not stored on the mobile app but advised customers to review transactions regularly and report any irregular transactions.