British airline EasyJet announced that a “highly sophisticated” cyber-attack exposed email addresses and travel details of around 9 million of its customers.
“Following discussions with the Information Commissioner’s Office (“ICO”), the Board of easyJet announces that it has been the target of an attack from a highly sophisticated source.” reads a statement from the company. “Our investigation found that the email address and travel details of approximately 9 million customers were accessed.”
According to the company, hackers also accessed a small subset of customers and obtained credit card details for 2,208 of them, no passport details were exposed.
“Our forensic investigation found that, for a very small subset of customers (2,208), credit card details were accessed.” continues the company.
At the time of writing the airline did not disclose details of the security breach, it is not clear when the incident took place and how EasyJet discovered the intrusion.
EasyJet conducted a forensic investigation and once identifies the unauthorized access has locked it.
The airline reported the incident to the Information Commissioner’s Office (“ICO”), the good news is that the company is not aware of any attack in the wild that abused the stolen information.
EasyJet is still investigating the security breach.
“We take the cybersecurity of our systems very seriously and have robust security measures in place to protect our customers’ personal information. However, this is an evolving threat as cyber attackers get ever more sophisticated,” says EasyJet Chief Executive Officer Johan Lundgren.
“Since we became aware of the incident, it has become clear that owing to COVID-19, there is heightened concern about personal data being used for online scams. Every business must continue to stay agile to stay ahead of the threat.”
The airline has started notifying the incident to all the impacted customers and is recommending them to be “extra vigilant, particularly if they receive unsolicited communications.”
According to the Reuters that cited two people familiar with the investigation, hacking tools and techniques used by attackers point to a group of suspected Chinese hackers that targeted multiple airlines in recent months.
Italian friends could read my interview with Italian State Broadcast Television RAI:
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – EasyJet, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by…
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
This website uses cookies.