WestJet is notifying U.S. residents of a cybersecurity incident that may have exposed certain personal information earlier this year.
The airline said it identified suspicious activity on its systems on June 13, 2025, and determined it was the result of “a sophisticated, criminal third party” gaining unauthorized access.
“Given the significant importance of data security to the integrity of its business, WestJet was prepared for incidents of this nature and followed its response planning by taking immediate action to contain the incident and secure its systems,” the airline said in a statement.
RELATED: WestJet Offering Fraud Monitoring in Wake of Cybersecurity Breach
A forensic investigation confirmed that some data had been taken, though WestJet said no credit card or debit card numbers, expiry dates, CVV numbers, or guest passwords were obtained.
The airline completed an analysis of the compromised data on September 15, 2025.
The type of personal information varies by individual. For many, it was not sensitive, but in some cases, it may include names, contact details, reservation-related documents, and information about a traveller’s relationship with WestJet.
WestJet said it is contacting affected individuals where possible, in line with regulatory requirements, and has posted further information on its website.
Law enforcement agencies, including the U.S. Federal Bureau of Investigation and the Canadian Centre for Cyber Security, were notified, as well as U.S. credit bureaus and the Office of the Privacy Commissioner of Canada.
Containment measures are now complete, although WestJet stated that it is continuing to strengthen its cybersecurity protocols.
RELATED: Cyber Experts Warn Canadians of Rising Travel Scams
Those who receive a direct notice from WestJet will also be offered access to identity theft protection services.
Customers who did not receive a direct notification but want to know if their information was involved can contact WestJet at 1-888-937-8538 or wjresponseteam@westjet.com.
WestJet urged individuals to remain vigilant against fraud by monitoring financial statements and credit reports. The U.S. Federal Trade Commission offers advice on identity theft at consumer.ftc.gov/features/identity-theft.
“We sincerely regret this situation, and we remain grateful for the support and patience of the thousands of guests and WestJetters who place their trust in us,” the airline said.
For the latest travel news, updates and deals, subscribe to the daily TravelPulse newsletter.
