Email regarding compromised App data
#1
Original Poster
Join Date: Jan 2012
Location: YYZ
Posts: 68
Hello all,
A few hours ago I received an email that appears to be legitimate from Air Canada regarding what seems to have been attempts to use the Air Canada app to obtain user data.
The email states that from August 22-24 there were unauthorised attempts to log in to various accounts using the app and some 20,000 customers have been affected, including myself.
It appears that all user information was able to be accessed, including any information you added to the app beyond basic user data (name, email, phone number), which may include Aeroplan number, Passport information, Nexus, Known Traveller info, etc.
Credit Card information, they advise, was not accessible, nor were Aeroplan passwords.
The email states that all Air Canada mobile app accounts have been locked and the password must be reset with new, more stringent requirements.
All in all it looks very legitimate, but phishing emails are getting more and more sophisticated. So before I go doing anything, has anyone else received the same, and does anyone have any information on whether this is legitimate or not? Don't see any mention of this on the Air Canada website or social media channels, so I'm suspicious; however, on the app my account has been locked.
#4
Join Date: Oct 2015
Location: Economy, mostly :(
Programs: Skywards Gold
Posts: 7,801
Seems like an easy way to check this would be to try to log in to the app and see if your account is indeed locked. If so, then reset it in the app; obviously don't click anything in the e-mail.
#7
Join Date: Dec 2007
Location: Greater Metropolitan Area
Programs: Yes
Posts: 367
I requested a password reset from within the app - but I'm getting "The reset link is invalid. Please try again from the link sent in your Air Canada mobile+ reset email". That's the one I'm trying.
I then tried the earlier link from the "Phishing" email. Same error. So now neither reset link works.
Great job Air Canada - what a great way of improving security, by sending an unsolicited email including a password reset link that then doesn't work after you've tried resetting through the app, which in itself doesn't work...
#9
Original Poster
Join Date: Jan 2012
Location: YYZ
Posts: 68
Yes confirmed legitimate with Twitter team, link here to official release
https://www.aircanada.com/ca/en/aco/home/book/travel-news-and-updates/2018/notice-air-canada-mobile-app-users.html
Pretty unhappy that this went on for up to 2 full days. Thankfully I had almost no information stored on the app. Also not very helpful to be told that my account "may" have been accessed. Surely they know if it was or wasn't. Whole different world between one or the other. If someone tried and failed to get in then it's just a minor inconvenience resetting the password; if they did get in and accessed information, that's another thing entirely.
Would like to know one way or the other.
#10
Join Date: Jan 2015
Location: YQB
Programs: AC SE100K-1MM, Bonvoy Gold, HHonors Diamond, VIA Premier, NEXUS/GE
Posts: 816
I requested a password reset from within the app - but I'm getting "The reset link is invalid. Please try again from the link sent in your Air Canada mobile+ reset email". That's the one I'm trying.
I then tried the earlier link from the "Phishing" email. Same error. So now neither reset link works.
Great job Air Canada - what a great way of improving security, by sending an unsolicited email including a password reset link that then doesn't work after you've tried resetting through the app, which in itself doesn't work...
Not very useful to say the least.
#11
Join Date: Aug 2018
Programs: SkyPesos -> MVP Gold 100K
Posts: 680
Same here. Seems like AC forgot to include Mobile+ when they re-hauled their website.
#12
Join Date: Oct 2013
Location: YEG
Programs: AC Lifetime SE100K, 3MM, SPG Lifetime Plat, Hertz PC, National Executive Elite
Posts: 2,901
Also not very helpful to be told that my account "may" have been accessed. Surely they know if it was or wasn't. Whole different world between one or the other. If someone tried and failed to get in then it's just a minor inconvenience resetting the password; if they did get in and accessed information, that's another thing entirely.
Would like to know one way or the other.
"Am I affected?
During our investigation, we determined during the time period from Aug. 22‑24, 2018, approximately one per cent or 20,000 user profiles of our 1.7 million Air Canada mobile App accounts may have been improperly accessed. We have since determined your user profile is among these accounts."
So, it looks like, if they can determine that your account was affected, they tell you. Perhaps, if they haven't detected improper activity in account, they can't necessarily prove it didn't happen.
#13
Join Date: Nov 2017
Posts: 3,359
My letter says
"Am I affected?
During our investigation, we determined during the time period from Aug. 22‑24, 2018, approximately one per cent or 20,000 user profiles of our 1.7 million Air Canada mobile App accounts may have been improperly accessed. We have since determined your user profile is among these accounts."
So, it looks like, if they can determine that your account was affected, they tell you. Perhaps, if they haven't detected improper activity in account, they can't necessarily prove it didn't happen.
"Am I affected?
As a result of our analysis, we are confident your account was not affected by these unauthorized attempts. As an additional security precaution however, we have locked all Air Canada mobile App accounts to further protect customer data.
To reactivate your Air Canada mobile App account, please see the instructions below or follow the prompts the next time you log into your Air Canada mobile App.
Your privacy and the protection of your data are extremely important to Air Canada. Our security is multi‑layered, and we work with leading industry experts to continuously improve our practices as technology and security procedures evolve. "
I'll update this later I guess (keeping it locked till I absolutely need to use that login feature).
Safe Travels,
James
#14
FlyerTalk Evangelist
Join Date: Sep 1999
Location: Toronto, Ontario, Canada
Programs: OWEmerald; STARGold; BonvoyPlat; IHGPlat/Amb; HiltonGold; A|ClubPat; AirMilesPlat
Posts: 38,186
Using the reset link in the reply email still just gets me to the regular booking screen with no way to get to a screen letting me reset my password. Major AC screw up!
#15
Join Date: Sep 2014
Programs: AC SEMM
Posts: 1,379
So I just tried to access the app and it prompted me to reset my password. However that just led me to the login screen and, of course, my old password did not work. There was no "Reset Password" function.
A short time later I got this email:
Dear Geoflying,
We noticed unusual login behaviour with your Air Canada mobile+ account, or you may have forgotten your password.
To ensure your safety and as a precaution, we've temporarily deactivated your account.
To reactivate your account, please click the link below to reset your password.
<link redacted>
Thank you,
Air Canada mobile+ Team
Clicking on the reset link (which appears to be a legit link on services.aircanada.com) just takes me to the main AC page as reported elsewhere in this thread
What a gong show