While digitalization brings joy through convenience, it also brings terror over privacy concerns when glitches and issues occur, causing sensitive information to be leaked. Unfortunately for some of WestJet's customers, their worst fears came as other users' personal data was made accessible and visible.

Ooops...that was quite the leak

The breach occurred on Wednesday afternoon, as once users had logged onto the airline's application other users' personal information was suddenly shown. Profiles of other users showed sensitive data ranging from date of birth, home addresses, email addresses, phone numbers, WestJet dollar and flight voucher details, flight itinerary details, and even the last four digits of a user's credit card number.

And if the situation was not bad enough, users reported that refreshing the application was not working either. Some users tried signing out and changing their passwords before re-signing in, but to no avail, as each time, a different user's information would be displayed instead of their own profile.

While the fiasco was blowing up all over social media, various users connected with others, claiming that they had seen each other's profiles on their applications, indicating how severe the technical glitch had been.

Fixed and resolved

In response to such a viral and concerning problem, WestJet confirmed that it was notified of the technical issue at 15:53 and had resolved the problem at 16:27, less than 40 minutes later. The carrier did not shed light on how many individuals' data had been impacted by the technological glitch but instead said it would continue providing updates and help to those affected.

It was also not known if the glitch was an internal issue or the possible work of a hacker. As for responding to the social media chaos, WestJet had taken to replying with the same generic response, having said in a statement:

"We sincerely apologize to our guests for this disruption and continue actively investigating the cause of this issue. We take the privacy of our guests extremely seriously and will continue to provide updates to our guests as required."

Afraid and unsatisfied

Despite the issue being resolved and WestJet apologizing, the airline's customers were far from happy with how it handled a grave situation. One customer was Paul Baines, who had seen more than five different profiles on his application and believed that the problems lasted much longer than WestJet indicated. However, calling the airline's service hotline proved fruitless. Perhaps what was most disappointing was the lack of an official new release from WestJet on its social media or website, which provided nothing to warn customers that their data had been breached.

In Baines' eyes, WestJet's poor handling was quite unprofessional, saying:

"We're now in a position of that data that got out of a secure environment. So do I trust using this company again? I would say my trust in the company has gone down."

Another dissatisfied customer was Cassandra Keough, whose profile was, unfortunately, one of the primary ones most users reported seeing on their applications. Perhaps what made the situation worse for Keough was learning that other than having her information leaked across several users' applications, she was trending on social media with various screenshots, albeit her information was blanked out. After attempting to reach WestJet through several offline channels, Keough had to get the airline's attention through Twitter, where she was met with the same generic responses.

And aside from the lack of a better response, other customers have expressed worry over not knowing if their information was among those leaked. Once again, asking the airline through its hotline or emails proved useless for several customers.

Others had tried changing their login information as standard procedure when privacy has been known to be breached but could not log in after changing their passwords. Eventually, the overwhelming inquiries on social media prompted the Canadian carrier to quit with the generic responses and asked these customers to send them a direct message instead.

Source: CBC