EasyJet reveals cyber-attack exposed 9m customers’ details

Serviceteam IT Security News
EasyJet has revealed that the personal information of 9 million customers was accessed in a “highly sophisticated” cyber-attack on the airline.

The company said on Tuesday that email addresses and travel details were accessed and it would contact the customers affected.

Of the 9 million people affected, 2,208 had credit card details stolen, easyJet told the stock market. No passport details were uncovered.

Those customers whose credit card details were taken have been contacted, while everyone else affected will be contacted by 26 May.

EasyJet did not immediately give details of how the breach occurred, but said it had “closed off this unauthorised access” and reported the incident to the National Cyber Security Centre and the Information Commissioner’s Office (ICO), the data regulator.

The breach is one of the largest to affect any company in the UK, and raises the possibility of easyJet paying a large fine at a time when the coronavirus pandemic has put it under severe financial pressure.

British Airways was fined £183m in July 2019 after hackers stole the personal information of half a million customers. In the same month, the hotels group Marriott was fined £99.2m for a breach that exposed the data of 339 million customers worldwide.

The ICO recommended easyJet contact everyone affected because of an increased risk of phishing fraud, the airline said.

The ICO’s power to fine companies has increased under the EU’s General Data Protection Regulation.

EasyJet said “there is no evidence that any personal information of any nature has been misused”.

Sign up to the daily Business Today email or follow Guardian Business on Twitter at @BusinessDesk

The easyJet chief executive, Johan Lundgren, said: “We would like to apologise to those customers who have been affected by this incident. Since we became aware of the incident, it has become clear that owing to Covid-19 there is heightened concern about personal data being used for online scams.

“As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.”

Source: The Guardian

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!

/by
You might also like
Serviceteam IT Security News CopyCat Malware Infected 14M Android Devices, Rooted 8M, in 2016
Serviceteam IT Security News Prevent database is secure but not secret | Letter
Serviceteam IT Security News DUHK Attack Exposes Gaps in FIPS Certification
Serviceteam IT Security News Welcome to the NCSC Blog
Serviceteam IT Security News Let them paste passwords
Serviceteam IT Security News VMware Patches Bug That Allows Guest to Execute Code on Host