WestJet has confirmed that a June cyberattack led to the theft of sensitive data belonging to about 1.2 million customers, including passport and government ID details. The airline disclosed the scope of the breach in a notice to customers and U.S. authorities after wrapping up its investigation on September 15, according to Bleeping Computer.

The attack was first made public on June 13, when WestJet reported system outages that took its app offline. While the airline did not initially say whether customer information had been accessed, the latest update confirms that hackers obtained personal data such as names, dates of birth, mailing addresses, travel documents, complaints, and WestJet Rewards account details.

In some cases, information linked to WestJet-branded RBC Mastercard account

See Full Page