Logo Header Menu

EasyJet data breached: over 9 million customers affected

The personal data of over 9 million EasyJet customers has been accessed by hackers, including over 2,000 users' credit card details EasyJet data breached: over 9 million customers affected image

EasyJet revealed today that the data breach was “highly sophisticated”, and that email addresses and travel details were accessed, including passport data.

The budget airline stressed that evidence has not yet come to light regarding misuse of data, however they would contact all affected customers.

“We are communicating with the approximately 9 million customers whose travel details were accessed to advise them of protective steps to minimise any risk of potential phishing,” EasyJet stated, following recommendations to do so from the Information Commissioner’s Office (ICO).

“We would like to apologise to those customers who have been affected by this incident,” said Johan Lundgren, chief executive of EasyJet.

“Since we became aware of the incident, it has become clear that owing to Covid-19, there is heightened concern about personal data being used for online scams.

“As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.”

Data protection in the time of Covid-19: an unprecedented challenge

Michelle Rule, associate at Thomson Snell & Passmore LLP, explores the impact on data protection in the time of Covid-19. Read here

Jake Moore, cyber security specialist at ESET, commented: “The biggest problem for EasyJet now is to get this information out to all their customers and make them safe.

“When the security notification first pops up, the procrastinators will forget about it, and think it won’t happen to them. However, when something like this occurs, the truth is that money can be stolen, and large amounts too.

“For those people who have fallen victim to this attack, it would be a good idea to use the card monitoring service offered, or better still cancel the card that was used.

“Once card information like this is stolen, it’s a race against time for the criminals to start using it before the owner is notified and cancels it. Much of this information is sold on the dark web, with higher prices closest to when the breach occurred.”

Matt Middleton-Leal, general manager EMEA & APAC at Netwrix, meanwhile, believes that the breach will prove a puncture in customer trust in EasyJet’s data protection.

“While it is impossible to have 100% security, it seems clear EasyJet did not have appropriate control over their data, and may well lose customer confidence as a result,” he said.

“As the travel industry weathers the COVID-19 storm, it is imperative that airlines maintain the trust of loyal customers and new potential travellers, especially as communication with customers still remains solely virtual.

“Despite airlines currently well below flying capacity, and the majority of aircraft grounded, security for the travel industry must still be paramount, especially with the ‘cyber-pandemic’ rising alongside the COVID-19 disease as COVID-related phishing attacks have been on the rise, with people falling victim more often during this period.”

ICO sets out regulatory approach during the coronavirus pandemic

The Information Commissioner’s Office (ICO) has announced its regulatory approach to data protection during the coronavirus crisis. Read here

Regulatory steps

The aviation industry has been hit hard by the current pandemic, with flights worldwide being put on hold and customers staying at home, and so any potential penalties issued by the ICO may be withheld under the circumstances.

“As nine million customers’ data has been accessed, it is a significant breach,” said Matt Walmsley, director EMEA at Vectra. “Even if EasyJet were found to be significantly accountable by the ICO, I doubt there would be much appetite for a big GDPR fine when the sector is already on its knees and close to collapse for some airlines.”

We support technology leaders and businesses that utilise technology solutions with useful guides and advice. With remote working becoming the de facto due to the recent outbreak of coronavirus, our content can help smooth this transition for your business. Submit your details here to receive regular updates on this and more direct to your inbox.

Sign up for Information Age Newsletters

Latest news

divider
Data Analytics & Data Science
Data is key to understanding demand in a post-lockdown world

Data is key to understanding demand in a post-lockdown world

29 May 2020 / Businesses in the UK and around the world are currently facing an extraordinary level of [...]

divider
Releases & Updates
London now global fintech hub as UK investment soars — Robert Walters

London now global fintech hub as UK investment soars — Robert Walters

28 May 2020 / Fintech investment deals in the UK have outpaced those in the US and Europe, according [...]

divider
People Moves
Unruly appoints Alex Khan as UK managing director

Unruly appoints Alex Khan as UK managing director

28 May 2020 / Prior to taking on the role at video advertising tech firm Unruly, Khan served as [...]

divider
Releases & Updates
Diversity to be less important to growth post-pandemic, say 14% of firms

Diversity to be less important to growth post-pandemic, say 14% of firms

28 May 2020 / This finding came despite 68% of respondents to the study, carried out by Attest, declaring [...]

divider
Cybersecurity
Taking responsibility for cyber security in a truly virtual world

Taking responsibility for cyber security in a truly virtual world

28 May 2020 / Covid-19 has made virtual working a true reality in 2020. Millions of workers are engaging [...]

divider
Coronavirus Diary
Coronavirus Diary: how the crisis is changing c-suite tech recruitment

Coronavirus Diary: how the crisis is changing c-suite tech recruitment

27 May 2020 / C-suite tech recruitment is a nuanced process. On the one side, there’s the candidate and [...]

divider
People Moves
Doctor Care Anywhere appoints Ben Kent as COO

Doctor Care Anywhere appoints Ben Kent as COO

27 May 2020 / Kent joins Doctor Care Anywhere as COO as the company aims to drive growth in [...]

divider
Utilities
Maximising the value of data at SSE Energy Services

Maximising the value of data at SSE Energy Services

27 May 2020 / Never before has data been so critical and so relied upon, as we have seen [...]

divider
Business & Strategy
Rebuilding our broken economies starts with market-level collaboration

Rebuilding our broken economies starts with market-level collaboration

27 May 2020 / In times of crisis, collaboration is critical – and this is no less true in [...]

Do NOT follow this link or you will be banned from the site!

Pin It on Pinterest