WestJet Airlines– owned by Onex Corp (TSE: ONEX) (OTCMKTS: ONEXF) (FRA: ONE), Delta Air Lines Inc (NYSE: DAL) (FRA: OYC) and Korean Airlines Co Ltd (KRX: 003490) — has become the victim of a cyberattack.
In a filing made with the Office of the Maine Attorney General on Sept. 29, the popular Canadian aviator revealed that 1.2 million customers had been targeted by hackers earlier this year. No payment data was compromised, but a “sophisticated criminal third party” gained unauthorized access to WestJet’s system and an assortment of their personal info.
This material included passports, postal addresses and other government-issued travel identification documents.
WestJet informed the public that it was collaborating with the FBI and Canadian Centre for Cyber Security to identify those responsible.
“Containment is complete, and some additional system and data security measures have been implemented,” WestJet said in a press release on the matter. “However, analysis is ongoing, and WestJet will continue to take measures to further enhance its cybersecurity protocols.”
The airline has reached out to the impacted customers to offer support and explain the situation.
Certain parties are blaming the incident on a hacking group known as “Scattered Spider” that has been targeting other passenger airlines. However, its responsibility has not been confirmed.
Hawaiian Airlines, a subsidiary of Alaska Air Group Inc (NYSE: ALK) (FRA: ALK), and Australia’s largest air carrier Qantas Airways Ltd (OTCMKTS: QUBSF) (FRA: QAN) were also strongly suspected of being Scattered Spider victims earlier this year. IT systems were compromised and similar data was stolen from even more customers.
The Federal Bureau of Investigation issued a notice about Scattered Spider on X earlier this year.
WestJet transports approximately 25 million passengers annually.
ALERT—The FBI has recently observed the cybercriminal group Scattered Spider expanding its targeting to include the airline sector. These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access.… pic.twitter.com/gowmbsAbBY
— FBI (@FBI) June 27, 2025
Read more: Eight out of 10 latest ransomware attacks are AI-powered, MIT says
Incident brings other recent occurrence to mind
Dependance on digital systems that store vast quantities of data have made airline companies become popular targets for cybercriminals.
Just last month, Rtx Corp (NYSE: RTX) (FRA: 5UR) subsidiary Collins Aerospace was the victim of a ransomware attack that wreaked havoc throughout Europe.
Multiple airlines, including British Airways, Wizz Air and easyjet had their operations disrupted because of it. Hundreds of flights were delayed or cancelled and several check-in and baggage systems were rendered temporarily useless.
Collins is one of the world’s top providers of aerospace products.
This cybercrime spree throughout 2025 highlights the growing prevalence of hacking incidents in the international airline industry.
Read more: Hacker weaponizes Anthropic’s AI model ‘Claude’ for cybercrime spree
Follow Rowan Dunne on LinkedIn
rowan@mugglehead.com
