WestJet, one of Canada's major airlines, recently faced a cybersecurity incident that sent ripples through its operations. With internal systems and app access disrupted, customers and employees alike are left wondering about the safety of their data. In this blog, we'll explore the details of what happened, assess the potential risks to your personal information, and outline steps you can take to safeguard your data.
What Datapoints Were Leaked?
WestJet recently confirmed a cybersecurity incident that disrupted access to internal systems and their mobile app. As of now, the investigation is still underway, and WestJet has not publicly disclosed any specific customer data that may have been compromised. There’s a fog of uncertainty over whether sensitive personal details—like passport numbers, credit card information, or travel itineraries—have been exposed.
Here's what we do know:
WestJet is keeping tight-lipped on details: No confirmed list of leaked datapoints has been released. The company is actively working with cybersecurity experts to assess the situation.
No official word on ransomware: While there’s speculation about ransomware being involved, WestJet hasn’t confirmed this. Ransomware attacks typically aim to lock up data and sometimes threaten to leak it, so this possibility can’t be ruled out yet.
Customers and employees are in the dark: Without clear information, both groups are left waiting for updates on whether their personal or professional information is at risk.
For those worried about their own data, this uncertainty can feel unsettling. It’s a bit like waiting for the other shoe to drop—no one wants to hear that their private details have been swept up in a breach. If you’re already using digital privacy tools such as Cloaked to mask your sensitive information online, you may have an extra layer of protection in case details do emerge about what data was involved.
Should You Be Worried?
When a company like WestJet reports a cyber incident, customers are right to pause and question what it means for them. Disrupted services, anxious waits, and the unknowns about your personal data naturally stir up concern. Let's lay out what you really need to know, without the tech jargon or sugar-coating.
Why the Worry Makes Sense
Service Interruptions: WestJet’s recent cybersecurity issue has led to flight delays and cancellations. If you’ve been stranded at an airport or missed an important event, the frustration is very real. Service disruption isn’t just a technical hiccup—it’s a personal headache.
Uncertainty About Data: At the time of writing, there’s no solid proof that customer personal data—like your name, payment info, or travel details—has been accessed. But, in data breaches, sometimes the facts emerge slowly. It’s normal to feel uneasy, even if the official word is “no evidence yet.”
What We Know About the Data Risk
No Direct Evidence—Yet: WestJet has stated there’s currently no sign of personal customer data being compromised. That said, it pays to stay cautious. Sometimes, information surfaces after deeper investigation.
Law Enforcement Is Involved: WestJet isn’t handling this alone—they’re working with law enforcement and cybersecurity experts. This collaboration is meant to limit further risk and help trace the incident’s source.
Practical Vigilance
While there’s no confirmation your data is exposed, it’s smart to stay alert. Here’s what you can do:
Watch Your Accounts: Keep an eye on your email, credit card statements, and WestJet account for any activity you don’t recognize.
Update Passwords: If you use the same password across multiple sites, change it now. Cybersecurity 101: one account compromised shouldn’t mean all your accounts are at risk.
Be Skeptical of Unsolicited Messages: Scammers may try to take advantage of the confusion, posing as WestJet or support staff. Don’t click on suspicious links or give out sensitive info.
How Cloaked Can Help
For those who want a little more peace of mind, consider using services like Cloaked. Cloaked helps mask your personal information—like emails, phone numbers, and even credit card details—so that, even if a company suffers a breach, your real data stays hidden. It’s a practical way to add an extra layer of safety when you’re booking flights, shopping online, or signing up for new services.
Stay informed, stay prepared, and don’t panic—but do take these events as a reminder that caution is always wise when it comes to your personal information.
What Should Be Your Next Steps?
Staying safe after a data incident is about action, not panic. If you’re affected by the WestJet breach, here’s what you should do—clear, simple, and effective.
1. Stay Updated with Official WestJet Communication
WestJet will use their verified channels to inform customers about developments. Don’t rely on rumors or third-party sources. If you get an email or text, check the sender carefully. Official updates will help you separate fact from fiction.
Bookmark WestJet’s official website and social media.
Sign up for alerts through their customer portal, if available.
2. Watch Your Accounts Like a Hawk
After a breach, suspicious activity could pop up anywhere—email, bank, or loyalty accounts. Criminals often test stolen info in places you wouldn’t expect.
Review your account statements and recent transactions.
Keep an eye on loyalty programs connected to WestJet.
Report any unfamiliar activity immediately.
3. Change Passwords Across Sites
If you reuse passwords, now’s the time to change them. A breach in one place can snowball if your credentials are used elsewhere.
If you’re concerned about your personal data being exposed or reused elsewhere, privacy tools like Cloaked can help create new, secure identities for your online accounts. With Cloaked, you can generate masked emails and phone numbers, making it harder for criminals to use your real info even if it leaks.
4. Be Skeptical of “Official” Messages
Cybercriminals love to impersonate trusted brands after a breach. They’ll send fake emails or texts, hoping you’ll click a malicious link or share more info.
Never click on links from unverified sources.
Double-check sender addresses and URLs for small typos.
If something feels off, contact WestJet directly using info from their official site.
5. Reach Out to WestJet Support for Anything Unusual
If you spot something strange—unexpected account changes, unauthorized bookings, or odd emails—don’t wait. Contact WestJet support right away.
Document what you noticed (screenshots help).
Use official phone numbers or chat tools from the WestJet website.
Protecting your information is a shared responsibility. Take these steps seriously, and you’ll put yourself in a much stronger position to defend against follow-up attacks or scams.
Cloaked FAQs Accordion
Frequently Asked Questions
First, change your passwords—especially if you've reused them across sites. Then enable two-factor authentication (2FA) on all key accounts. Review your account and credit activity regularly for any unusual behavior. If suspicious actions surface, consider freezing your credit and alerting your bank. To proactively reduce exposure in the future, tools like Cloaked can mask your personal information before breaches happen.
Cloaked provides you with disposable emails, phone numbers, and payment details, making it harder for bad actors to access your real identity. These tools help you safely sign up for services, communicate, and shop online without putting your core identity at risk.
Commonly targeted data includes full names, email addresses, phone numbers, birthdates, physical addresses, login credentials, and payment info. Tools like Cloaked help shield this information by providing secure, masked alternatives.
Always be skeptical. Malicious links are one of the most common ways hackers infect devices or steal data. Avoid clicking unless you can verify the source. Services like Cloaked can add layers of security so your real contact info isn’t exposed even if you make a mistake.
Using the same contact info across platforms makes it easy for attackers to build a full profile of you. If one platform gets breached, all your accounts can be at risk. That’s why Cloaked allows you to use different, secure contact methods for each service.
At Cloaked, we believe the best way to protect your personal information is to keep it private before it ever gets out. That’s why we help you remove your data from people-search sites that expose your home address, phone number, SSN, and other personal details. And to keep your info private going forward, Cloaked lets you create unique, secure emails and phone numbers with one click - so you sign up for new experiences without giving away your real info. With Cloaked, your privacy isn’t a setting - it’s the default. Take back control of your personal data with thousands of Cloaked users.
*Disclaimer: You agree not to use any aspect of the Cloaked Services for FCRA purposes.
