easyJet, the largest airline in the UK recently disclosed a massive data breach that leaked private information of its more than 9 million customers.
Yesterday, the company issued a security incident statement saying that the targeted cyber attack on their systems was highly sophisticated in nature that stole around 9 million customers’ email addresses and travel details and credit card details of more than 2200 customers.
“As soon as we became aware of the attack, we took immediate steps to respond to and manage the incident and engaged leading forensic experts to investigate the issue. We also notified the National Cyber Security Centre and the ICO,” reads the notice of cybersecurity incident.
After the incident learning, EasyJet immediately secured their systems and closed this attack.
“There is no evidence that any personal information of any nature has been misused, however, on the recommendation of the ICO, we are communicating with the approximately 9 million customers whose travel details were accessed to advise them of protective steps to minimise any risk of potential phishing,” EasyJet stated.
EasyJet is reaching out to its relevant customers directly and will be notifying the remaining affected customers by May 26th, 2020.
Customers are complaining that they aren’t satisfied with the easyJet support:
This has been going on for weeks with @easyJet, I’ve still had no support or compensation. This was only 3000 customers impacted back then. Now it’s 9million? #easyjet #Hacking @GMB @piersmorgan https://t.co/VZwwotVmww— Samantha Burt (@SamBurt04) May 19, 2020
The data breach incident is still under investigation.
“Since we became aware of the incident, it has become clear that owing to COVID-19 there is heightened concern about personal data being used for online scams”, says Johan Lundgren, CEO at easyJet.
According to Reuters sources, two people with the knowledge of the investigation said that the attack appeared to be “part of a series by suspected Chinese hackers aimed at the bulk theft of travel records and other data”.