UK budget airline easyJet revealed a huge data breach impacting 9 million customers and involving more than 2,000 credit-card details.
EasyJet became the victim of a highly sophisticated attack in which nine million customers’ email addresses and travel details were exposed. The hackers also managed to gain access to 2,208 credit-card details.
All the impacted customers will be contacted by the airlines within May 26. The company however did not reveal when the breach occurred or how it happened. They have notified the UK’s Information Commissioner’s Office (ICO) and National Cyber Security Centre (NCSC) and also hired a digital forensics expert to investigate the incident.
The ICO advised easyJet to disclose the breach as the customers are at risk of becoming targeted by phishing attacks. All the customers are recommended by the airlines to stay alert for uninvited communications. But there is no evidence of any personal information being misused.
Johan Lundgren, CEO of EasyJet said that they take the cybersecurity of their systems very seriously and have strong security measures to protect their customers’ personal information. He assured that all the affected customers would be contacted immediately.
He also added that it is an evolving threat as threat actors get more sophisticated. The company would continue to invest in protecting their customers, systems, and data.