Pierluigi Paganini
June 15, 2025
WestJet is a Canadian airline that operates both domestic and international flights. Founded in 1996, it started as a low-cost carrier and has grown to become Canada’s second-largest airline, after Air Canada.
WestJet is investigating a cybersecurity incident impacting some of its internal systems and mobile app, which has blocked access for several users.
The company is mitigating the attack with specialized internal teams and coordinating the response with law enforcement and Transport Canada.
The airline pointed out that the attack did not impact operational safety, while efforts are focused on protecting sensitive personal data. Guests and employees are advised to exercise extra caution when sharing personal information.
“WestJet is aware of a cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users. We have activated specialized internal teams in cooperation with law enforcement and Transport Canada to investigate the matter and limit impacts.” reads the update published on June13, 2025.
“We are expediting efforts to maintain the safety of our operation and safeguard sensitive data and personal information for both our guests and employees, and we apologize to all guests for any disruption to their access to WestJet’s services.”
WestJet is aware of a cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users. We have activated specialized internal teams in cooperation with law enforcement and Transport Canada to investigate the matter and limit impacts.
We are expediting efforts to maintain the safety of our operation and safeguard sensitive data and personal information for both our guests and employees, and we apologize to all guests for any disruption to their access to WestJet’s services.
It is too early to speculate on details, though we are committed to sharing what we know as information becomes available. WestJet advises that guests and employees exercise additional caution at this time, especially when sharing personal information.
As of June 14, the company announced it was responding to the incident. Flight operations remain safe and unaffected. The airline is working to assess the impact and resolve the issue quickly, apologizing for any disruptions experienced by guests and employees.
The airline did not share technical details about the attack.
Cyber threats targeting Canada’s critical infrastructure are increasing.
In April 2025, Canadian electric utility Nova Scotia Power and parent company Emera faced a cyberattack that disrupted their IT systems and networks. The cyber attack impacted their IT systems and networks. Both companies declared that the security incident did not cause any power outages.
In September 2023, Air Canada, the flag carrier and largest airline of Canada, announced that the personal information of some employees was exposed as a result of a recent cyberattack. In June 2023, the cyber attack suffered by Suncor Energy impacted payment operations at Petro-Canada gas stations in Canada.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, WestJet)
