Customers of the Canadian airline WestJet claimed on Wednesday that their personal information had been hacked on the app. Some users said they could see the private information of other flyers. WestJet App data leaks customers raise privacy concerns.
Users of the WestJet app complained about the situation on Twitter, alleging they could see the personal information and account information of total strangers when they logged in to the app.
Following a “technical issue” with the airline’s app that allowed some users to view the personal information of other passengers on Wednesday afternoon, WestJet says it is looking into the matter.
Several users told CBC News that they could view the last four digits of a user’s credit card number as well as the user’s phone number, home address, date of birth, email address, and WestJet cash and travel voucher details from other users’ profiles.
A WestJet spokeswoman informed CBC News via email that “a technical issue was found that impacted visitor profiles on the WestJet App” at 3:53 pm MT. At 4:27 PM MT, it was added, that the problem had been fixed. Paul Baines, a WestJet app user who was able to view various accounts, asserted that he thought the problem persisted for an hour more than WestJet claimed.
Baines, who is from London, England, is in Toronto to see his girlfriend Victoria Angus. When Angus signed onto her app to check flights to London at around 3 p.m. MT, she claimed she first noticed the problem.
When Angus entered his profile, he noticed that the name of an unknown individual was there. She could view part of the credit card information and the person’s contact details.
Angus claimed that when she went to view her member information, she discovered the personal data of another person.
Every time I refreshed the screen, it would randomly insert a different piece of profile information four or five times.
Baines said that, among other private information, he could sometimes see on the app the last four numbers of other users’ credit cards and the name of the credit card firm.
The Apologizes from WestJet
According to him, there was enough information to allow a malicious actor to alter people’s data records.
With regard to this data being accessible, “this is a very significant data breach.”
In a statement, WestJet expressed regret to the guests for the inconvenience and stated that it is looking into the situation.
WestJet stated, “We take our customers’ privacy very seriously and will continue to offer updates to our passengers as needed.
When CBC asked WestJet how many people were affected by the technical issue and how many users’ private information was disclosed, the airline did not comment.
Similar incidents were reported on Twitter Wednesday afternoon by other WestJet app users.
Derek Bowen from Nanaimo, British Columbia, claimed that when he checked his app, he discovered the private data of two additional individuals. He could see one user’s private contact information in one section of the app. He could view the travel bank, rewards bank, and travel vouchers of a second individual in a different section of the app.
He said, “I was just amazed that I could actually receive that knowledge.
Unsatisfied Users
When they first became aware of the problem, Baines, Angus, and Bowen claimed they promptly contacted WestJet to report it, but they were dissatisfied with the resolution.
An automatic response was given to Angus’ social media query. She then dialed the customer service number, where she received scant details.
“They respond, “Yes, we are aware of the issue. Since we are not IT, we are unsure of what to do. They’re mending it, you know. And that was about all “She spoke.
According to Angus, she resisted the airline and demanded that someone get in touch with her if anyone had seen her personal information.
“Because if I access someone else’s, someone else could perhaps access mine. How many hits have there been on my data? I want to know.
Baines attempted to get in touch with a WestJet technology officer via LinkedIn. He claimed that after explaining the problem to the worker, he was informed that the airline was looking into it.
In the meantime, Bowen claimed he tweeted the airline but received no response.
What surprised him was that neither WestJet nor either of their websites had posted a statement.
“We’re now in a position where that data has leaked from a secure environment,” continued Baines. Do I trust this business enough to use it again? My confidence in the business has, in my opinion,
