WestJet Data Breach Hits 1.2M Passengers in Scattered Spider Attack

WestJet, Canada's second-largest airline, disclosed that 1.2 million passengers were affected by a cyberattack discovered earlier this year. The breach was revealed through a filing with Maine's attorney general, confirming 240 residents in that state were among those impacted. The stolen data includes highly sensitive passenger information such as names, dates of birth, postal addresses, and critical travel documents including passports and government-issued identity documents.

Beyond basic passenger information, the breach also compromised customer rewards program data, including points balances and account details. This expansion of compromised data highlights the comprehensive nature of the attack, potentially affecting passengers' loyalty program benefits and creating additional identity theft risks. The airline has not provided specific details about what financial protections are being offered to affected customers.

Security experts have linked this breach to Scattered Spider, a financially motivated hacking group composed primarily of English-speaking teenagers and young adults. The group is notorious for their social engineering tactics, particularly calling IT help desks to trick employees into granting network access. This same group has been connected to other major airline breaches, including a recent attack on Australian airline Qantas that affected over 6 million customers.

The WestJet incident is part of a troubling pattern of attacks targeting the aviation and transportation sectors. Earlier this year, the FBI and cybersecurity firms issued warnings about Scattered Spider's focus on airline industry targets. These attacks underscore the critical need for enhanced cybersecurity measures across the aviation industry, as airlines handle vast amounts of sensitive passenger data and travel documentation that can be exploited for identity theft and fraud.