Air Canada, the largest airline in Canada, reported a recent data breach that affected employee records but had no impact on its operations or customer data. While the airline confirmed the breach, it did not provide specific details about when the incident occurred or whether it was connected to a ransomware attack.
An unauthorized group briefly accessed an internal Air Canada system containing limited personal information of some employees and certain records, but no customer information was compromised. The airline quickly responded to the breach, working with cybersecurity experts to enhance its system security.
Coincidentally, on the same day as Air Canada’s data breach disclosure, several Canadian airports experienced widespread service disruptions due to a suspected cyberattack believed to be carried out by a pro-Russia hacking group.
The Canada Border Services Agency (CBSA) confirmed that the disruptions were caused by a distributed denial of service (DDoS) attack, affecting check-in kiosks and electronic gates at airports.
Although no group claimed responsibility for the Air Canada breach, Canadian businesses have been under continuous attack from Russia-based threat actors, especially since Canada announced its support for Ukraine.
Data breaches and cyberattacks have become increasingly common in the aviation industry over the past decade, impacting airlines such as Scandinavian Airlines, SpiceJet, Air India, and Bangkok Air, along with aviation companies like Jeppesen and Accelya. The incident highlights the growing cybersecurity challenges faced by the transportation industry, with a recent IBM report noting that the transportation sector has one of the highest breach cost-per-breach figures, averaging $4.18 million in 2023.