Air Canada says hackers accessed restricted worker information throughout cyberattack

Canada’s largest airline introduced an information breach this week that concerned the knowledge of staff, however mentioned its operations and buyer knowledge was not impacted.

Air Canada, one of many world’s oldest airways working greater than 1,300 flights a day, launched a press release on Wednesday explaining a current knowledge breach.

The corporate didn’t reply to requests for remark about when the assault occurred and whether or not it was a byproduct of a ransomware assault.

“An unauthorized group briefly obtained restricted entry to an inside Air Canada system associated to restricted private info of some staff and sure information. We will verify that our flight operations techniques and buyer going through techniques weren’t affected,” the corporate mentioned.

“No buyer info was accessed. We’ve contacted events whose info has been concerned as acceptable, in addition to the related authorities. We will additionally verify all our techniques are absolutely operational.”

The corporate added that it labored with cybersecurity consultants to additional lockdown its techniques following the incident.

The announcement got here on the identical day {that a} cyberattack suspected to be carried out by a pro-Russia hacking group reportedly resulted in widespread service disruptions at a number of Canadian airports.

The Canada Border Providers Company (CBSA) confirmed to Recorded Future Information that the connectivity points that affected check-in kiosks and digital gates at airports final week are the results of a distributed denial of service (DDoS) assault.

No group has taken credit score for the assault on Air Canada however the nation’s companies have confronted relentless assaults from Russia-based actors since Canada’s authorities introduced its assist for Ukraine final 12 months.

Knowledge breaches and cyberattacks have develop into a standard affliction for airports during the last decade, with a number of incidents affecting Scandinavian Airways, India’s SpiceJet, Air India and Bangkok Air. A number of aviation firms like Jeppesen and Accelya have additionally confronted assault.

Final week, European aerospace big Airbus mentioned it’s investigating a cybersecurity incident following studies {that a} hacker posted info on 3,200 of the corporate’s distributors to the darkish net.

A July report from IBM mentioned the transportation business had one of many highest breach cost-per-breach figures of any they tracked – with the typical breach costing firms within the business $4.18 million in 2023.