British low-cost carrier easyJet has revealed that the data of as many as nine million of its customers has been compromised. The airline describes a ‘highly sophisticated’ cyberattack on its systems, which have disclosed email addresses and travel details of millions.
More than 2,000 credit card details stolen
easyJet has become the latest airline to fall victim to a cybercrime. The airline says that a sophisticated cyber-attack has led to the details of as many as nine million passengers being leaked.
Of the nine million affected passengers, 2,208 had their credit card details stolen, reports the Guardian. The airline says it will contact the affected customers directly within the next few days to advise them of the attack.
Although this is likely to be profoundly worrying for the airline’s customers, easyJet has said there is no evidence that the personal information has been misused in any way. In a statement carried by the Guardian, chief executive Johan Lundgren said,
“We would like to apologise to those customers who have been affected by this incident.
“Since we became aware of the incident, it has become clear that owing to Covid-19 there is heightened concern about personal data being used for online scams. As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.”
Advice to customers
The airline says it has closed off the unauthorized access, and is working with the Information Commissioner’s Office (ICO) and National Cyber Security Centre. It said all nine million passengers would be contacted with advice regarding protective steps to minimize the risk of potential phishing.
In a statement, the airline said,
“We are advising customers to continue to be alert as they would normally be, especially should they receive any unsolicited communications.
“We also advise customers to be cautious of any communications purporting to come from easyJet or easyJet Holidays.”
easyJet is not the first airline to be hit with a cyber-attack. In 2018, British Airways was hit with a data breach that affected around half a million passengers. It cost the airline a substantial £183m fine as a result.
A crucial time for easyJet
This bad press couldn’t have come at a worse time for easyJet. As well as contending with the fallout from the coronavirus crisis, the airline is also dealing with internal issues as threats from founder and major shareholder Sir Stelios Haji-Ioannou continues his assault on the controversial Airbus order.
Sir Stelios wants the airline to cancel the order entirely and has even offered a £5m bounty to any whistleblower prepared to come forward with information that would help his cause. An extraordinary general meeting is set for Friday, which will serve to provide a platform for voting on some of the founder’s propositions.
Haji-Ioannou is looking to oust the chairman, chief executive and finance boss. Shareholders will vote on these proposals at the Friday meeting.
Are you a passenger with easyJet? Are you worried about the data breach? Let us know in the comments.