Air Canada, the largest airline in the country, this week announced that the personal information of some employees was accessed in a recent cyberattack.
In an incident notification, Canada’s national airline announced that a threat actor obtained limited access to one of its internal systems that contained “limited personal information of some employees and certain records”.
According to Air Canada, the incident had no impact on its flight operations systems. Furthermore, the company says, customer facing systems were not accessed and no customer information was compromised in the attack.
The airline says it has already contacted the affected parties to inform them of the data breach, and that the incident was reported to the relevant authorities.
“We can also confirm all our systems are fully operational. We have since implemented further enhancements to our security measures, including with the help of leading global cyber security experts, to prevent such incidents in the future as part of our ongoing commitment to maintaining the security of the data we hold,” the company says.
No information was provided on the threat actor behind the attack and no known cybercrime group has claimed responsibility for the incident yet.
However, Air Canada’s notification came within days after the Canadian government warned of a pro-Russian cybercrime group targeting organizations in the country with distributed denial-of-service (DDoS) attacks.
Earlier this month, French aerospace giant Airbus launched an investigation after a hacker leaked information allegedly stolen from its systems. The same hacker claims to have breached the FBI’s InfraGard database and has leaked data allegedly stolen from credit reporting firm TransUnion.