Air Canada, the Canadian flag bearing airline, has suffered a major data breach that could pose a massive ID fraud risk for customers. The breach is down to bad password management approaches, with Air Canada’s own rules and guidelines on password management being named as the main culprit. The lack of a ‘strong’ password framework has allowed a major ID fraud and brand damaging experience to impact the airline.

The company believes the its financial data is secure due to enhanced encryption processes. However, with 1.7 million customers being “locked out” of their accounts, insiders believe a ‘mere’ 20,000 users have been directly impacted. The company has sent a gentle password reminder to all customers.

The breach could see names, email addresses and phone numbers along with passport data accessible in the data breach. The company has released a statement:

‘Air Canada has recommended that its customers “regularly review their financial transactions, be aware of any changes to their credit rating, and contact their financial services provider” if they become aware of the unusual activity.’