WestJet, an Alberta Partnership and Canadian commercial airline headquartered in Calgary, Alberta has notified United States residents of a recent cybersecurity incident that may affect certain individuals' personal information. On June 13, 2025, WestJet identified suspicious activity on its systems. WestJet immediately began its investigation and determined that these were the actions of a sophisticated, criminal third party, who gained unauthorized access to WestJet's systems. At no point was the safety and integrity of WestJet's airline operations in question.

WestJet engaged internal and external experts to perform a technical and forensic investigation to identify the nature and scope of the event. Unfortunately, WestJet confirmed that certain data was obtained from its systems. Since making that determination, WestJet conducted an analysis of that data to identify specific data elements and locate current contact information for certain United States residents who were impacted. As of September 15, 2025, WestJet completed that analysis and as a result is providing this notice. No credit card or debit card numbers, expiry dates and CVV numbers, and no guest user passwords were obtained.

The personal information involved in this incident varies from person to person. For most individuals, the type of personal information involved was not sensitive. However, for certain individuals the data may include information such as name, contact details, information and documents provided in connection with their reservation and travel, and data regarding their relationship with WestJet.