Air Canada Mobile App Breach Affects 20,000 People
1.7 million use the app, but only about 1% may have been compromised
Air Canada says the personal information for about 20,000 customers "may potentially have been improperly accessed" via a breach in its mobile app, so the company has locked down all 1.7 million accounts as a precaution until customers change their passwords.
The airline told customers in an email that it "recently detected unusual log‑in behaviour with Air Canada's mobile App between Aug. 22‑24, 2018."
The company estimates about one per cent of the 1.7 million people who use the app may have been compromised.
The app stores basic information such as a user's name, email address and telephone number, all of which could have been improperly accessed.
Any credit card information on file would have been encrypted and as such protected, the company says.
But additional data such as a customer's Aeroplan number, passport number, Nexus number, known traveller number, gender, birth date, nationality, passport expiration date, passport country of issuance and country of residence could have been accessed, if users had them saved in their profile on the app.
As long as app users still have a valid passport and other pieces of supporting documentation, the government says the risk of someone filing for and receiving a new passport in their names is low.
Air Canada said it hasn't detected any improper log-in activity since last Friday, and it is in the process of contacting the 20,000 people directly affected.
In the meantime, the company has locked down all mobile app accounts and is instructing users to reset their passwords.
But many users on social media reported having difficulties doing so, likely due to the volume of people attempting to log on. The company advises anyone looking to get into the app to keep trying.
Chester Wisniewski, principal research scientist at cybersecurity firm Sophos says any stolen information isn't likely to be overly problematic, but it does raise more concerning questions about practices behind the scenes.
"You never want someone to know your name, your birthday and your passport," he said.
He says he thinks its unlikely that the company was targeted by hackers, but rather was simply caught off-guard by an enterprising cybercriminal.
"I suspect hackers stumbled across a bug in the API," he says, referring to the acronym for the application programming interface which is how the app communicates with Air Canada's servers on the back end.
"I don't think they were targeting Air Canada or they were intent on stealing specific info, there's a lot of hackers who are just scrolling the internet looking for doors that are ajar," he said.
"If they find a door that's open they start monkeying around."
He's concerned that the company has advised all customers — even those who's information wasn't accessed — to change their passwords.
Because it's limited to only eight characters, "their password policy was rather antiquated which suggests they weren't doing it right to begin with," he said. "If you stored them correctly you wouldn't do that."
- Mission Critical Shift Engineer
- Up to £42,000 Base
A Mission Critical Shift Engineer is needed for an international data centre business in St Albans The Mission Critical Shift Engineer will be responsible for M+E engineering (support, installations, reactive/pro-active works etc.) The role will work a continental shift pattern, 4 on – 4 off. Alternating between days and nights. Other responsibilities include; Optimisation of Data Centre Infrastructure Maintenance and upgrades of M+E infrastructure. Smooth operations of the data centre property Developing a draft specification of new and other electrical projects Commission of upgrades a new equipment Requirements Electrical Engineering Degree / HNC / HND NVQ Level 3 & Testing & Inspection Qualifications Current engineering experience in a Data Centre / Data Center Environment Unfortunately, our client is unable to provide sponsorship for this opportunity and the candidate must be commutable to London. (Data Centre Jobs, Data Center Jobs, Electrical Engineering Jobs, Electrical Engineer Jobs) Ref PG7616
- Sales Engineer (Telecoms & Cloud Services)
- Upto £85,000 + 20% bonus + benefits
Sales Engineer / Presales Consultant to focus on Cloud services is needed for this Global Tier 1 carrier. You will be working with Enterprise customers helping to design Cloud solutions. You will be responsible for working alongside sales providing presales technical consultancy around my client's cloud services. You will be responsible for providing support for new business opportunities in terms of responding to RFIs & RFPs, understanding customer network requirements, high-level network architecture & design (including supplier selection on a global basis) and technical handover to network implementation teams. This is a great opportunity to join a global player who are growing their Cloud services. You will require a successful track record in the telecommunications arena ideally from a global tier 1 ISP or network provider, with a demonstrable track record in designing complex enterprise solutions. A Sales Engineer needs to be technically astute and has had experience in the design, presentation, and implementation of Wide Area Networks (WAN). They need to understand a range of Layer 1, 2, and 3 technologies (Ethernet, SDH, MPLS, IP, etc) and build a solution based on the best technology to meet a customer’s requirements. In addition, they should have an understanding and experience in Infrastructure solution design for optimising end-user experience when interacting with enterprise platforms notably MS O365, SFDC, Azure and AWS Unified threat Management security solutions (i.e. firewall, IPS/IDS, web filtering and proxy) Network routing and switching protocols and technologies (esp. Cisco) SD-WAN and SDN technologies Skilled Experience in designing and deploying hybrid cloud architectures and managing migrations from physical to virtual environments If you have any questions about this role, give us a call on 0044208 663 4030 or contact/send your CV to email@example.com Ref RA7292 (Telecommunications Jobs, Telecoms Jobs, Cloud Computing Jobs, Cloud Jobs, Presales Jobs, Sales Engineer Jobs, Sales Engineering Jobs)
- Data Scientist (Analytics)
- Up to £50,000 Base
Data Scientist - Analytics London Up to £50,000 Base Ref: PG7641 We are currently working with a Services business who are currently looking for a Data Scientist (Analytics) who has client-facing experience within the insurance industry. The Data Scientist (Analytics) will be responsible for tasks such as; Developing, deploying & testing state of the art Machine learning technology Framing business questions, testing hypothesis, and demonstrating analytical models. Stakeholder Engagement Pricing Optimisation. BAU Experience Required Client Facing experience within Insurance business's Pricing Optimisation Machine Learning; Clustering, Regression, Decision trees etc. Strong background in Python including modelling knowledge, ideally Pyspark AWS Cloud (Data Processing & Cleaning)
- Sales Director (Telecommunications)
- Up to £150,000 Package
Our client is looking for a proven, enthusiastic, roll-your-sleeves-up, customer connected Sales Director who is committed to coaching the team, aggressively growing the business and personally engaging and owning New Logo opportunities to accelerate the step change in our client’s business. You will define and implement a sales strategy to meet and exceed annual revenue and operating profit targets and achieve this with a passion for excellence, and commitment to coaching your team of 5 heads. Also, you will get to execute a world-class acquire strategy and personally engage and influence key buyer stakeholders primarily across EMEA to secure Net New logo wins in the enterprise vertical. Requirements Knowledge in the following areas Wide Area Network (WAN) Technologies (IPLC, ATM, IP); and Managed Cloud / Hosting Services At least 2 years’ experience in managing a sales team with Global accounts ideally with a major carrier. Leadership qualities to lead and manage the sales team to achieve the sales target. Ability to work with internal stakeholders and resources in various departments and in various positions in order to deliver revenue objectives. Ensure global accounts are retained and have robust defence, service, engagement, and account development plans to deliver in year and sustainable growth If you have any questions about this role, give us a call on 0208 663 4030 or contact/send your CV to firstname.lastname@example.org Location: London Salary: Up to £150.000 package Ref: BD7637