加拿大航空泄露2万客户信息

2018年8月30日加拿大航空公司的证实其遭遇数据泄露，可能影响其170万移动应用用户中的20,000名客户（1％）的数据。在2018年8月22日至24日期间发现加拿大航空公司的移动应用程序发现异常登录行为，并及时通知了用户。

其邮件内容如下：

“We detected unusual login behaviour with Air Canada’s mobile App between Aug. 22-24, 2018. We immediately took action to block these attempts and implemented additional protocols to protect against further unauthorized attempts. As an additional security precaution, we have locked all Air Canada mobile App accounts to protect our customers’ data.” reads the data breach notification.

“Your credit card information is protected. Credit cards that are saved to your profile are encrypted and stored in compliance with security standards set by the payment card industry or PCI standards.  As a best practice, customers should always monitor their transactions and credit rating carefully and contact their financial services provider immediately if they become aware of any unusual or unauthorized activities.”

该公司已要求移动+应用程序用户重置其帐户作为安全预防措施。加拿大航空通过电子邮件联系可能受影响的客户以通知数据泄露。

加拿大航空公司立即采取行动锁定未经授权的企图，并采取额外的安全措施来保护其移动用户。

加拿大航空公司数据泄露最令人不安的方面是，攻击者可能会提供访问的其他数据，包括客户的护照号码，护照到期日期，护照签发国和居住国，Aeroplan号码，已知旅行者号码，NEXUS号码，性别，日期出生和国籍。

引用

https://securityaffairs.co/wordpress/75759/deep-web/air-canada-data-breach.html

https://www.bleepingcomputer.com/news/security/air-canada-mobile-app-users-affected-by-data-breach/