easyJet hit by 'highly sophisticated' cyberattack: 9 million customers' details exposed

Budget airline easyJet has fallen victim to a cyberattack in which personal information of 9 million customers was exposed. Included in this personal data were details of travel plans, email addresses and, in some cases, credit card information.

The company is now in the process of contacting all of those who have been affected by the data breach, but says that anyone whose credit card details were stolen by hackers has already been contacted.

While the number of customers who have had their personal details exposed is quite high, only a small proportion have had their credit card details stolen. easyJet says that 2,208 people were affected, but concedes that all customers are now at an increased risk of phishing attacks.

In a statement, easyJet chief executive, Johan Lundgren, said:

We would like to apologize to those customers who have been affected by this incident. Since we became aware of the incident, it has become clear that owing to Covid-19 there is heightened concern about personal data being used for online scams. As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.

At the moment it is not clear who is responsible for the attack, nor how long it lasted. easyJet stresses that there is currently no evidence to suggest that the stolen data has been misused by the hackers.

Image credit: Iakov Filimonov / Shutterstock