May 19th 2020
Having recently grounded its entire fleet owing to the COVID-19 (Coronavirus) pandemic, budget airline EasyJet’s woes continue with the announcement today of a major cyberattack from a “highly sophisticated” source.
In the absence of further details, Get Safe Online is recommending that all customers change the passwords on their EasyJet account without delay, and also the passwords associated with other online accounts with the same login details. We are also urging customers to be vigilant for emails, phone calls and other approaches purporting to be from EasyJet, but which may be scams.
The airline allegedly first discovered the attack in January.
An EasyJet investigation has revealed that approximately nine million customers’ email addresses and travel details were compromised in the attack, while 2,208 had their credit card details exposed. It has committed to contacting affected customers by May 26. The company has informed the stock market that the unauthorised access has been closed off, and is also working with the NCSC (National Cyber Security Centre) and ICO (Information Commissioner’s Office – the UK data regulator).
In a statement, EasyJet CEO Johan Lundgren commented that the company takes the cyber security of its systems seriously but added: “however, this is an evolving threat as cyber attackers get ever more sophisticated.” He added: “We will continue to invest in protecting our customers, our systems, and our data,” he said. “We would like to apologise to those customers who have been affected by this incident.”