Air Canada recently experienced a hacking incident where an unauthorized group gained access to its internal system servers, compromising the personal information of some employees. The company released a statement on September 20 confirming the breach. However, they did not disclose which records were compromised, the number of affected employee records, or the timeline of the incident.
Fortunately, the hackers did not access customer data, and flight operations and customer-facing systems were unaffected. Air Canada has notified the employees whose information was accessed and has reported the incident to the relevant authorities. The company assured that its systems are now fully operational and has implemented additional security measures in collaboration with global cyber security experts to prevent future incidents and protect the data it holds.
The motive behind the hacking and whether Air Canada was deliberately targeted or if the hackers exploited a known application flaw or stolen credentials remain unknown. However, according to KonBriefing.com, an independent research organization tracking cyberattacks, the air transportation sector has increasingly become a target for hackers, including distributed denial of service (DDoS) attacks. These attacks aim to disrupt networks, services, or websites by overwhelming them with a large volume of internet traffic from multiple sources.
Air Canada declined to provide any further comments on the incident at this time.