Air Canada recently confirmed a data breach occurred between August 22 and 24, affecting users of the Air Canada mobile app. The breach is just the latest in a string of cyber-attacks impacting mobile app users.
The Air Canada mobile app has approximately 1.7 million users. It is believed that one percent, or 20,000 users, may have been affected. The company announced they would be contacting potentially affected users directly via e-mail.
Upon notice of the breach, Air Canada says it immediately took action to deter further unauthorized login attempts and implemented additional measures to enhance security. Certain data, like users credit card information, was deemed safe. This is because this type of data is encrypted and required to be stored in compliance and in accordance with the industry’s payment card regulations.
The type of data compromised includes passenger names, telephone numbers, email addresses, birth dates, nationalities, and other data.
Air Canada contacted potentially affected customers by email beginning August 29. The company also released an FAQ section on their website, which provides details regarding specifics of the breach. As a precaution, the company is requiring that Air Canada mobile App users reset their passwords following a new, improved set of password guidelines.
They recommend a more robust password as an added layer of protection against attempts for unauthorized access. In the release, the company also encouraged users to frequently monitor their transactions to ensure there are no unauthorized charges.
A Growing Trend
Data breaches are a growing problem in today’s increasingly digitalized world. In July of this year, Timehop announced a “network intrusion” that led to a possible breach of personal user data, affecting more than 21 million users. The incident was disclosed in a blog post on the company’s website. About 3.3 million users had information like their name, phone, email, and date of birth compromised.
In February, the data of approximately 150 million users of the MyFitnessPal app was compromised in a data breach. The app’s parent company, Under Armour, said in a press release in March that usernames, hashed passwords and email addresses may have been exposed. Sensitive information such as credit card information was not compromised.
How To Protect Your Data
There are several precautionary steps mobile app users can take to reduce the risk of a data breach within their device. These can include:
- Make sure to update when new versions are released
- Reduce the use of public Wi-Fi
- Clean up apps not in use
- Use Two-Factor Authentication (2FA) when possible
- Always use unique, strong passwords for apps
Minimize the Use Of Public Wi-Fi
Free Wi-Fi may seem like a good idea, but using it too much can leave you open to a data hack, especially if you’re not careful. Using free, public Wi-Fi for things like web surfing, streaming movies and shows and reading the news is typically safe.
Where you begin to enter dangerous waters with public Wi-Fi is when you enter personal data like credit card information. Unsecured networks can be dangerous if you’re not protected, and in this case, protection can come in the form of a virtual private network (VPN). This software encrypts your wireless session while using a public network. Some devices even have a built-in VPN for your convenience. If you don’t have one, you can easily purchase one for as little as $5 per month.
Update Your Operating System
Updating your operating system when prompted offers more than cool new features like emojis. These system updates often include security improvements, which can include fixes for security flaws in the previous version. Failing to update your operating systems can leave you susceptible to hackers. Make a habit of updating your OS as soon as the newest version becomes available.
Evaluate Your App Usage
You may think there’s no harm in keeping dozens of apps on your phone, but if you’re not utilizing them, they can do more damage than good. Too many apps leaves the potential for security holes, which can be used by hackers to access your personal data.
Evaluating your apps and deleting those you no longer use on a regular basis can be a good line of defense against a hack. And for the apps, you do use regularly, be sure they’re updated accordingly. You can do this by adjusting your settings to automatically download app updates. It is also a good rule of thumb to download apps only from legitimate sources, like iTunes or the Google Play store.
Lock Your Phone
The auto-lock function on your phone is an important one if you’re hoping to elude the prying eyes of hackers. A strong password is also a necessity. In addition to a passcode, set up a biometric security measure, such as a swipe, finger tap, or fingerprint. This will make it much more difficult for hackers to invade your device.
One general rule of thumb? The longer the password, the more secure it is. Consider custom numeric codes rather than important dates. If you’re running apps with personal information, be sure those are password protected, too.
The need for strong cybersecurity measures is now at an all-time high. Air Canada is just the latest to be affected, but if current trends are any indication, there will be plenty more attacks in the future. Solidifying and implementing a strong cybersecurity plan can help you minimize the chances of your data being stolen. Don’t help thieves steal from you!