Air Canada reported that they detected unusual login behavior in their mobile app between August 22-24, 2018. The airline states that they immediately took action to block these attempts and implemented new protocols to prevent further unauthorized attempts. According to the airline, "as an additional security precaution, we have locked all Air Canada mobile App accounts to protect our customers’ data." Approximately 20,000 users may be impacted by this data breach.
Passenger profile information that is stored in the Air Canada app may include "Aeroplan number, Passport number, NEXUS number, Known Traveler Number, gender, birthdate, nationality, passport expiration date, passport country of issuance and country of residence."
For more information on this data breach and steps you can take if your account was compromised, visit Air Canada's website.
This article from the BBC was also used as reference for this post.