EasyJet cyberattack exposes personal data of 9 million customers


Budget carrier EasyJet hacked: travel information and also some credit card details breached by the attackers

EasyJet hack

One of the largest airline carriers in the UK, EasyJet, has suffered a cyberattack that affected the personal information of its customers. According to the notice posted by the travel company on May 19,[1] approximately 9 million people were affected by the data incident, and information like travel details and emails was breached. Out of the affected individuals, 2,208 also had their credit card details exposed during the attack. EasyJet also revealed that no passport details were affected by the hack.

According to EasyJet’s statement, the company immediately contained the attack (the point of access is no longer available for malicious actors) and contacted the relevant authorities, including the Information Commissioner’s Office (“ICO”) and National Cyber Security Centre in the UK.

EasyJet Chief Executive Officer Johan Lundgren apologized for the incident in an online statement:

We take the cyber security of our systems very seriously and have robust security measures in place to protect our customers’ personal information. However, this is an evolving threat as cyber attackers get ever more sophisticated. <…> Every business must continue to stay agile to stay ahead of the threat. We will continue to invest in protecting our customers, our systems, and our data. We would like to apologise to those customers who have been affected by this incident.

A “sophisticated” source of attack

In its statement, EasyJet did not specify what type of cyber incident it was, although it did mention that the attack was performed by a “highly sophisticated source.” The company also said that there is no evidence that the accessed information has been misused (so far).

Upon discovering the intrusion, EasyJet began notifying customers: it immediately informed individuals whose credit card details were affected, and will reach out to all the remaining ones by the end of May 26.

Data breaches like this one can pose a significant threat to the affected customers, as the information can be sold on underground forums for misuse. The affected users can expect to receive phishing emails that impersonate EasyJet and EasyJet travel, look like the original ones, and try to trick them into disclosing more sensitive data or installing malware on their devices.

According to Bloomberg,[2] passengers who had their credit card details disclosed were contacted about the incident in April and were offered all-around support, which also included a free 12-month credit monitoring service.

The aviation industry is very much of interest to hackers

Based at London Luton Airport, EasyJet is one of the largest UK carriers that specializes in low-cost holidays and flights. It carries over 96 million passengers yearly to more than 1,000 destinations in 30 countries and employs 337 Airbus aircraft for the job.

According to some sources, the EasyJet hack occurred in January 2020, before the coronavirus pandemic began. Due to the outbreak, traveling is very limited, and travel companies are suffering high financial losses, so this would be an unusual time to attack airline carriers. However, before the global crisis, cybercriminals targeted various airlines,[3] stealing a variety of personal and sensitive details about their customers.

British Airways, another big UK carrier, was also hit by a cyberattack on its website and mobile app, which resulted in the exposure of credit cards and other personal details of 500,000 customers.[4] The company was fined the record-breaking sum of $230 million for negligence.

In late October 2018, a data breach at the Cathay Pacific airline resulted in the exposure of highly sensitive information (passport numbers, credit card details, etc.) of 9.4 million passengers, making it the largest data breach in the aviation industry.[5]