Canadian airline WestJet is investigating an ongoing cybersecurity incident affecting its internal systems, mobile app, and website, prompting intermittent service disruptions for users.
While operational safety remains intact, the airline is working with regulators and law enforcement to assess the scope and source of the breach.
WestJet systems impacted for days
The incident was first acknowledged by WestJet on June 13, 2025, when the company reported restricted access to its mobile app and internal systems. In response, WestJet activated specialized cybersecurity teams and notified Transport Canada and other relevant authorities. The company emphasized that the disruption has not impacted the safety or stability of its flight operations.
By June 14, the airline confirmed that some digital services and software systems continued to be affected, with users encountering login issues and errors on both the app and website. WestJet’s internal teams have since been engaged in containment and remediation efforts, though no details have been disclosed about the type of threat actor involved, the method of intrusion, or whether sensitive data has been compromised.
WestJet is Canada’s second-largest airline, operating over 700 daily flights across North America, Europe, and the Caribbean. It carries more than 25 million passengers annually and plays a critical role in connecting regional hubs with international destinations. Any cybersecurity incident affecting its infrastructure, therefore, carries significant implications for both consumers and the broader transportation ecosystem.
As of June 15, intermittent issues persist for some users, but WestJet reiterates that flight operations remain unaffected. The company states it is continuing work to “safeguard [its] digital environment” and that progress is being made in restoring full service. Updates are being issued at least every 12 hours to maintain transparency, although no specific timeline for full resolution has been provided.
WestJet has not attributed the incident to a specific threat group, nor has it stated whether ransomware, unauthorized access, or data exfiltration are involved. The language of the advisory suggests a focus on containment, and the cooperation with law enforcement points to a potentially serious breach. However, without additional technical disclosures, the nature and severity of the compromise remain speculative.
In the meantime, CyberInsider could not find any public disclosures of stolen data or claims by ransomware gangs on their respective extortion portals.
WestJet advises customers and employees to remain vigilant. Potentially impacted individuals should avoid clicking on suspicious emails or text messages that may attempt to exploit the situation through phishing or social engineering tactics. Customers are also urged to monitor their accounts for unusual activity and change passwords as a precaution.
Leave a Reply