
In June, WestJet disclosed a cyberattack. More details have now been made available as the airline has sent notification letters to 1.2 million people.
In its notification, WestJet, the second-largest Canadian airline, emphasizes that credit card or debit card numbers, expiration dates, and CVV numbers, as well as guest user passwords, were not compromised, and at no time was the safety and integrity of its operations ever in question.
The types of personal information involved by this incident vary by individual but may include your name, date of birth, mailing address, information about the travel document you used when travelling with WestJet (such as your passport or other government issued identification document or number) and other information associated with your travel needs such as accommodations requested or complaints filed. No credit card or debit card numbers, expiry dates or CVV numbers or account passwords were involved.
If you are a WestJet Rewards Member, information linked to your membership may have also been involved. This could include your WestJet Rewards ID number and points balance on the date of the incident, as well as other information linked to the use of your account. Importantly, your password to access Rewards accounts was not involved. WestJet has no reason to believe that your points may be at risk.
If you are a WestJet RBC Mastercard, WestJet RBC World Elite Mastercard, or WestJet RBC World Elite Mastercard for Business cardholder, additional information linked to your WestJet Rewards account may have also been involved. This may include a credit card identifier type (e.g. “World Elite”), and information about changes to your WestJet points balance.
Your credit card number, expiration date and CVV are not involved.