News & Comment: Air Canada mobile app breach affects 20,000 people | CBC News

Air Canada mobile app breach affects 20,000 people | CBC News


Air Canada says the personal information for about 20,000 customers “may potentially have been improperly accessed” via a breach in its mobile app, so the company has locked down all 1.7 million accounts as a precaution until customers change their passwords.




Samuel Bakken, Senior Product Marketing Manager, OneSpan:

“Thankfully the airline was able to detect the breach and keep the number of affected accounts to 20,000 – but tell that to the individuals whose privacy has been violated. Such an incident will affect victims’ — not to mention prospective customers’ — trust in Air Canada and may result in decreased usage of the mobile app or, in the end, customer defection. Banks and financial institutions know that maintaining trust in the mobile channel via strong authentication and security is absolutely imperative to customer acquisition and retention. The details of how the attackers gained access are scant at this point, but it sounds like strong, multifactor authentication integrated into the mobile app could potentially have prevented this unauthorized access. Many vendors offer easy to use mobile development toolkits that makes it easy to natively integrate advanced biometric authentication into their apps.”