WestJet said it is working with members of the Calgary Police Service and the RCMP after data of some WestJet Rewards member profiles were posted online by an “unauthorized third party.”
None of the data contained credit card or banking information, WestJet said in a media release Friday night.
The airline said it received an email on Thursday afternoon that appeared to be spam and became aware of the privacy breach on July 28.
Immediate steps were taken to secure the affected systems, WestJet said.
“The privacy and protection of our guests’ information is a matter we take very seriously and we have worked swiftly and aggressively to resolve this incident,” said Craig Maccubbin, WestJet’s executive vice-president and chief information officer.
“WestJet is in the process of contacting affected guests and we deeply regret any inconvenience this may cause.”
WestJet said it is still investigating to determine how many member profiles were affected by the breach.
The Office of the Information and Privacy Commissioner of Alberta and the federal Privacy Commissioner have also been informed.
WestJet recommends all WestJet Rewards members update their passwords on a regular basis.