EasyJet Customer Data Hacked

EasyJet Customer Data Hacked

EasyJet Customer Data Hacked
EasyJet has admitted that a “highly sophisticated cyber-attack” has affected approximately nine million customers. It said email addresses and travel details had been stolen and that 2,208 customers had also had their credit card details “accessed”.

The firm has informed the UK’s Information Commissioner’s Office while it investigates the breach.

EasyJetEasyJet first became aware of the attack in January.

It told the BBCBBC that it was only able to notify customers whose credit card details were stolen in early April.

“This was a highly sophisticated attacker. It took time to understand the scope of the attack and to identify who had been impacted,” the airline told the BBC.

“We could only inform people once the investigation had progressed enough that we were able to identify whether any individuals have been affected, then who had been impacted and what information had been accessed.”

Stolen credit card data included the three digital security code – known as the CVV number – on the back of the card itself.

EasyJet added that it had gone public now in order to warn the nine million customers whose email addresses had been stolen to be wary of phishing attacks.

It said that it would notify everyone affected by 26 May.

It did not provide details about the nature of the attack or the motives, but said its investigation suggested hackers were targeting “company intellectual property” rather than information that could be used in identity theft.

“There is no evidence that any personal information of any nature has been misused, however, on the recommendation of the ICO, we are communicating with the approximately nine million customers whose travel details were accessed to advise them of protective steps to minimise any risk of potential phishing.

“We are advising customers to be cautious of any communications purporting to come from EasyJet or EasyJet Holidays.”

In response to the breach, the ICO said that it was investigating.

“People have a right to expect that organisations will handle their personal information securely and responsibly. When that doesn’t happen, we will investigate and take robust action where necessary.”

It also warned people to be on the lookout for phishing attacks and directed them to its advice on its website on how to spot such scams.

Related PostsSpecialist Tree Surgery Services Business Interruption Insurance Why Does Your Business Need Local SEO? Black Hat SEO: What to Avoid Doing Carter Fabrications. Industrial Construction & Renovation