Security & Fraud

Air Canada Confirms Data Breach Of Mobile App

Air Canada, the Canadian airline operator, confirmed to TechCrunch on Wednesday (August 29) that its mobile app suffered a data breach.

According to news from the site, Air Canada said the data breach of its mobile app affected approximately 20,000 people — or about 1 percent of the 1.7 million people who use the app. The company said it detected “unusual log-in behavior” between August 22 and August 24. In an email to customers, Air Canada said hackers may have accessed profile data such as email addresses and phone numbers as well as more sensitive data that users added to their accounts, including passport numbers and expiration dates, passport country of issuance, NEXUS numbers for travelers, gender, dates of birth and in which country they reside. However, credit card data was not compromised in the breach, Air Canada noted.

The airline isn’t the only company to suffer a data breach this year. In April, Sears, the department store, and Delta Air Lines, the airline operator, disclosed that payment information of some customers could have been exposed as part of a data breach at [24], a software provider. According to a report in Reuters at the time, [24], which provides online support services to Sears and Delta Air Lines, among other firms, informed Sears in the middle of March that the hack resulted in the unauthorized access of credit card information for fewer than 100,000 customers. The hack happened on or around Sept. 26, 2017, and was identified and resolved on Oct. 12.

Meanwhile, Delta Air Lines said only a small number of customers had their data exposed in the compromise. The airline operator noted that personal details on things such as passports, government identifications, security and SkyMiles information was not impacted. Sears said its stores and internal systems were left out of the breach as well. At the time, there was no information on how many customers using the Sears credit card were impacted in the hack.



The pressure on banks to modernize their payments capabilities to support initiatives such as ISO 20022 and instant/real time payments has been exacerbated by the emergence of COVID-19 and the compelling need to quickly scale operations due to the rapid growth of contactless payments, and subsequent increase in digitization. Given this new normal, the need for agility and optimization across the payments processing value chain is imperative.