Pierluigi Paganini September 22, 2023

Air Canada, the flag carrier and largest airline of Canada, announced that the personal information of some employees was exposed as a result of a recent cyberattack.

Air Canada, the flag carrier and largest airline of Canada, announced that threat actors had access to the personal information of some employees during a recent cyberattack.

“An unauthorized group briefly obtained limited access to an internal Air Canada system related to limited personal information of some employees and certain records. We can confirm that our flight operations systems and customer facing systems were not affected. No customer information was accessed.” reads the statement published by the company. “We have contacted parties whose information has been involved as appropriate, as well as the relevant authorities.”

The company states that flight operations systems and customer-facing systems were impacted by the cybersattack.

The carrier confirmed that its systems are fully operational, it also announced it has implemented further security measures with the help of leading global cyber security experts.

According to the statement, the attackers had access to one of the company’s internal systems.

The airline notified the impacted employees and the relevant authorities.

Air Canada did not share details about the attack, at the time of this writing, no known extortion group has claimed responsibility for the cyber attack.

A few days ago, the Pro-Russia group NoName057(16) announced to have launched DDoS attacks on several Canadian organizations, including CBSA, the Canadian Air Transport Security Authority, and the Senate.

The attacks severely impacted operations at several Canadian airports last week.

The Canada Border Services Agency (CBSA) confirmed that the attack impacted check-in kiosks and electronic gates at airports. The cyber attack caused delays in the processing of arrivals for more than an hour at border checkpoints across the country.

The Canadian Centre for Cyber Security published an alert warning of a Distributed Denial of Service campaign targeting multiple Canadian sectors.

“Since 13 September 2023, the Cyber Centre has been aware and responding to reports of several distributed denial of service (DDoS ) campaigns targeting multiple levels within the Government of Canada, as well as the financial and transportation sectors.” reads the alert. “This Alert is being published to raise awareness of these campaigns, to highlight the potential impact to government services and to provide guidance for organizations who may be targeted by malicious activity.”

In August 2018, Air Canada suffered another data breach. The company announced that the security incident may have affected  20,000 customers (1%) of its 1.7 million mobile app users.

Air Canada revealed to have detected unusual login behaviour with Air Canada’s mobile App between Aug. 22-24, 2018, it added that financial data was protected, but invited to remain vigilant for fraudulent credit card transactions.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Air Canada)