Introduction
WestJet Airlines [3] [4] [5] [6] [7] [8], Canada’s second-largest carrier [4] [5] [9], is addressing a significant cybersecurity incident that has impacted its digital services. This breach highlights the growing cyber threats facing the aviation sector and underscores the importance of robust cybersecurity measures.
Description
WestJet Airlines [3] [4] [5] [6] [7] [8], Canada’s second-largest carrier based in Calgary, is currently investigating a significant cybersecurity incident first detected on June 13, 2025. This incident has disrupted access to its mobile application and certain internal systems [6], affecting an undisclosed number of users [6]. Specialized internal teams are collaborating with law enforcement agencies and Transport Canada to assess the nature and impact of the breach while working to mitigate its repercussions. Although access to the app and website has since been restored [2], some backend services continue to be affected, and customers may experience intermittent outages and errors when using the WestJet app and website [3]. Importantly, core flight operations [1] [2] [4] [5] [9], including safety and scheduling systems [1], remain secure and stable [3] [5] [7], with no indication that the incident has compromised flight safety [5].
In response to the breach, WestJet is focused on safeguarding sensitive data and personal information for both guests and employees [6] [8]. The airline has advised customers and staff to exercise caution when sharing personal information [4] [5], as cybercriminals may exploit the situation for phishing and other fraudulent activities [5]. This incident underscores the increasing cyber threats targeting Canada’s critical infrastructure [6] [9], particularly in the aviation sector, where system uptime and customer trust are paramount [2].
WestJet is committed to enhancing its cybersecurity measures to protect sensitive personal data and the integrity of its digital environment. The airline has pledged to provide regular updates every 12 hours or sooner as new information becomes available and expressed gratitude for the patience and support of its guests, employees [1] [2] [4] [5] [6] [7] [8] [9], and partners during this challenging period [5]. This situation serves as a reminder of the importance of maintaining robust cybersecurity practices in the aviation sector, where even minor breaches can have significant operational implications [1]. No threat actors have claimed responsibility for the incident [2] [8].
Conclusion
The cybersecurity incident at WestJet Airlines has disrupted digital services but has not affected core flight operations. The airline is actively working with authorities to mitigate the breach’s impact and is committed to strengthening its cybersecurity defenses. This event highlights the critical need for ongoing vigilance and robust cybersecurity practices in the aviation industry to protect against evolving threats.
References
[1] https://www.apextechservices.com/topics/articles/462371-westjet-cyberattack-hits-app-internal-systems-prompting-regulatory.htm
[2] https://dailysecurityreview.com/security-spotlight/cyberattack-disrupts-westjet-internal-systems-airline-investigating-with-authorities/
[3] https://www.techradar.com/pro/security/westjet-investigating-possible-cyberattack-make-sure-your-data-is-safe
[4] https://www.infosecurity-magazine.com/news/westjet-investigates-cyberattack/
[5] https://gbhackers.com/canadian-airline-westjet-suffers-cyberattack/
[6] https://www.insurancejournal.com/news/international/2025/06/16/827912.htm
[7] https://www.westjet.com/en-ca/news/2025/advisory–cybersecurity-incident-
[8] https://www.cyberdaily.au/security/12240-major-airline-westjet-investigates-cyber-attack
[9] https://cybermaterial.com/canada-westjet-airline-contains-cyberattack/
