WestJet Data Breach Lawsuit

Legal Representation for Victims of Data Breaches in California

The Data Breach Attorneys at Potter Handy Law Firm have the knowledge and resources to thoroughly examine your case, conduct an investigation into the breach, and, when needed, fight for justice.

Potter Handy LLP is currently reviewing cases on behalf of individuals affected by the WestJet data breach. These individuals may have had their personal and confidential information illegally accessed by an unknown third party during the WestJet data breach. Potter Handy LLP will conduct a complimentary assessment of your data breach claim in order to safeguard the rights and privacy of all those impacted by the WestJet data breach.

We are only interested in claims that arose in California. Contact us today by filling out the form on this webpage to learn more about how we can help you with your case.

ABOUT WESTJET, AN ALBERTA PARTNERSHIP (“WESTJET”)

WestJet, an Alberta partnership, is a major Canadian airline and cargo carrier headquartered in Calgary, Alberta. Known for its commitment to customer service and competitive pricing, WestJet has earned a strong reputation in both domestic and international commercial aviation. However, a recent cybersecurity incident has drawn attention to the growing importance of robust digital security measures within the organization.

What Happened?

A recent report indicated that WestJet, an Alberta Partnership and Canadian airline, was involved in a data security incident that exposed sensitive personal information of approximately 1.2 million individuals. On or around June 13, 2025, WestJet detected suspicious activity in its systems. An investigation later confirmed that an unauthorized third party had gained access to company files containing personal data.

The breach, classified as an external system breach caused by hacking, was discovered on September 15, 2025. Analysis revealed that the compromised information may have included names, dates of birth, mailing addresses, passport or government-issued ID numbers, travel accommodation or complaint details, and, for WestJet Rewards members, account ID numbers and points balances. Credit card and debit card numbers, CVV codes, expiration dates, and account passwords were not impacted. Although WestJet confirmed that no credit card or debit card numbers, expiration dates, CVV codes, or account passwords were compromised, the exposure of other sensitive personal information may still pose a significant risk of fraud and identity theft to affected individuals.

On September 29, 2025, WestJet began issuing written notifications to affected individuals. In response to the breach, the company offered 24 months of complimentary identity theft protection and credit monitoring services through TransUnion Cyberscout. These services include alerts for changes to personal information and up to $1,000,000 in identity theft expense reimbursement insurance. WestJet has reported the incident to relevant law enforcement authorities, including the FBI. However, the delay between the breach’s occurrence and notification—over three months—may raise concerns under certain state and federal data protection laws in the United States.

Notification letters outlining the scope of impacted information and providing protective measures were sent to affected individuals following the conclusion of the investigation.

If you’ve received a notification about a data breach, it is vital to understand the seriousness of the situation. Your personal and protected health information may have been compromised, making it vulnerable to cybercriminals. Given these circumstances, it is essential to act swiftly by contacting our highly qualified Data Breach Lawyers. These attorneys can effectively protect your legal rights and ensure those responsible are held accountable.

By selecting a qualified Data Breach Lawyer, you can be assured that your interests are protected thoroughly during the entire case, providing you with peace of mind.

What Information Was Involved?

The breach exposed a wide range of sensitive data, putting individuals at risk of identity theft and fraud. The types of information exposed may include:

  • Names
  • Dates of birth
  • Mailing addresses
  • Passport or government-issued ID numbers
  • Travel accommodation or complaint details
  • WestJet Rewards account ID numbers
  • WestJet Rewards points balance

Although WestJet confirmed that no credit card or debit card numbers, expiration dates, CVV codes, or account passwords were compromised, the exposure of other sensitive personal information may still pose a significant risk of fraud and identity theft to affected individuals.

Protecting Consumers’ Privacy Rights Following the WestJet Data Breach

If you were notified that your information had been stolen as a result of the WestJet data breach, you may be entitled to compensation or other remedies.

Don’t wait until it’s too late to protect your rights and seek compensation. Contact us today by filling out the form on this webpage for a free consultation and to learn more about how we can help you with your case. Our attorneys are available 24/7 and there are no out-of-pocket expenses for our clients. Let us help you seek justice and hold companies accountable for their negligence in protecting personal information. Regrettably, we are unable to respond to phone inquiries. Free Consultations 24/7No out-of-pocket expenses.