App was down for a few days and I just received an email from AC stating that about 20,000 ID's were hacked and mine was one of them. Change of password etc. was recommended. In this email they suggest a 10 character PW but the app only asks for 8. See email below.
We detected unusual log‑in behaviour with Air Canada’s mobile App between Aug. 22‑24, 2018. We immediately took action to block these attempts and implemented additional protocols to protect against further unauthorized attempts. As an additional security precaution, we have locked all Air Canada mobile App accounts to protect our customers’ data.
Am I affected?
During our investigation, we determined during the time period from Aug. 22‑24, 2018, approximately one per cent or 20,000 user profiles of our 1.7 million Air Canada mobile App accounts may have been improperly accessed. We have since determined your user profile is among these accounts.
What information may have been accessed?
Basic profile data stored on the Air Canada mobile App account includes your name, email address, and telephone number.
Information that you may have added to your profile includes: Aeroplan number, Passport number, NEXUS number, Known Traveler Number, gender, birthdate, nationality, passport expiration date, passport country of issuance and country of residence.
Is my information protected?
Credit cards that are saved to your profile are protected by encryption and are not accessible to those with unauthorized access.
Your Aeroplan password is not stored on your Air Canada mobile App account.
The Government of Canada’s passport website https://www.canada.ca/en/immigration-refugees-citizenship/services/canadian-passports/security/protect-fraud.html
advises that the risk of a third party obtaining a passport in your name is low if you still have your passport, proof of citizenship and supporting identity documents. Also according to the website, the Government of Canada cannot issue a new passport to anyone based on only the information found in a passport.
What should I do?
To reactivate your account, please reset your password by following the prompts on the Air Canada mobile App the next time you log‑in, or by clicking on the link at the end of this message. You will find tips to reset your password below. The implementation of a more robust password provides you with an extra layer of protection.
Reset your password
Your new password must be a minimum of 10 characters. Here are some helpful tips in creating your new password:
• Minimum of 10 characters which must contain at least 1 uppercase letter, 1 number, 1 symbol/special character, 1 lowercase letter
• Do not use your old password
• Do not use your name or something easily associated with you
• Do not use your Air Canada mobile App password with other accounts
You can reset your password by following the prompts when you next log‑in to your Air Canada mobile App, or you may reset your password now or you may also go to https://services.aircanada.com/portal-web/mobile/profile?action=resetpwd&locale=en
For more information
Your privacy and the protection of your data are extremely important to Air Canada. Our security is multi-layered, and we work with leading industry experts to continuously improve our practices as technology and security procedures evolve. You can continue using Air Canada’s mobile App with confidence.
We sincerely regret any concern or inconvenience this may cause you. If you have additional questions, please refer to the information posted on aircanada.com, or you may contact us here https://accc-prod.microsoftcrmportals.com/en-CA/air-canada-contact-us/ or alternatively, you may contact us at 1-855-541-0738. We will update the information on aircanada.com as it becomes available.
Senior Vice President, Chief Information Officer
lifetime MM: 3,221,106.
Funny, I got the same email, but I only use the basic app, not the AC Mobile+.
I don't have almost any personal information in the app, just name, Aeroplan number, phone number, and email address. No credit card, no passport info, etc. Still, not a bad time to change passwords.
Insert signature here