CALGARY — WestJet has reported that a cyberattack earlier this year resulted in the theft of personal data, including travel document information such as passports. However, the airline confirmed that credit and debit card numbers, as well as user passwords, were not compromised in the breach.

In a communication to customers, WestJet stated that the stolen personal information varies by individual. It may include names, dates of birth, email addresses, mailing addresses, phone numbers, genders, and recent travel booking histories, including booking numbers. Additionally, the compromised data may involve details about the travel documents used by passengers, such as passports or other government-issued identification.

WestJet cautioned that the stolen information could potentially be used for identity theft or fraud. To assist affected customers, the airline is offering free identity theft protection and monitoring services for a period of 24 months.

The airline detected suspicious activity on its systems on June 13, leading to the discovery that criminals had temporarily accessed some of its systems. In response to the incident, the Office of Canada’s Privacy Commissioner has initiated an investigation.