U.K. based low-cost carrier, easyJet, suffered a “highly sophisticated” cyber-attack on Tuesday, May 19th, 2020. This attack made personal details and travel information of around 9 million easyJet passengers vulnerable and at the disposal of the hackers. Moreover, credit card details of 2,208 of the 9 million passengers have been leaked.
easyJet is one of the largest low-cost carriers in Europe. Photo by Dario Duppenthaler | AeroNewsX
The airline has already contacted the 2,208 customers whose credit card details have been compromised and informed them about the cyber-attack. Furthermore, easyJet, on the recommendation of the UK’s Information Commissioner’s Office (ICO), will contact the remainder of the people by May 26th, 2020. If a passenger hasn’t been contacted, that means their data has not been affected.
Already battling the economic downturn brought about by the COVID-19 pandemic with most of its flights grounded, easyJet could face hefty fines due to information and travel details of its passengers being leaked.
Chief Executive Officer Johan Lundgren said, “Since we became aware of the incident, it has become clear that owing to COVID-19 there is heightened concern about personal data being used for online scams.”
An easyJet Airbus A319. Photo by Jero Vida | AeroNewsX
The key source behind this attack is not known yet, as the airline only said that the attack came from ‘A Highly Sophisticated Source.” easyJet has said that as soon as it became aware of the attack it took immediate response steps and has also engaged forensic experts to look into the matter. The National Cyber Security Centre has also been informed.
To those affected, easyJet has advised them to look out for phishing emails, phone calls, and text messages as well as keep a close eye on credit card bills and activity and to not hand out any passwords and keep one's guard up all the time.
“We would like to apologise to those customers who have been affected by this incident,” said Lundgren.