The British airline EasyJet has recently confirmed that last January, it has suffered a severe data breach in which more than 9 million customers’ data is exposed.
The British airline, EasyJet, says that the attack was highly sophisticated and has affected a variety of data of people who have used the services of the company.
Apart from this, this would be one of the most severe attacks in the history of aviation, due to the number of users affected and the range of the information obtained. In addition, they have also confirmed that the cybercriminals have also obtained more than 2,000 traveler credit card data as well.
The British airline, EasyJet, has ensured that they are not yet informed about the exposed data has been used for any fraudulent purposes.
Here’s what the Chief Executive Officer of EasyJet, Johan Lundgren said, “We take the cybersecurity of our systems very seriously and have robust security measures in place to protect our customers’ personal information.”
“Since we became aware of the incident, it has become clear that owing to COVID-19, there is heightened concern about personal data being used for online scams. As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed, and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.”
Data stole from EasyJet
According to the company’s internal investigation report, the attackers would not have obtained the personal information of EasyJet travelers, but they have been able to achieve very revealing details.
Here is the list of data the attackers have stolen:-
- Email address
- Details of the passengers’ trip made with EasyJet
- Credit card details
Stolen credit card data included the three digital security code – known as the CVV number – on the back of the card itself.
Apart from this, the users who have been affected by this attack, the British airline EasyJet will inform them all via email. EasyJet has been aware of the attack since last January 2020, as we told earlier, but it is now that it has been able to make it public after an internal investigation into the extent of the intrusion.
Moreover, it is still unknown that how long the attackers had access to EasyJet’s internal network; only the company received notice in January. But, the company has promised that it takes security concerns “extremely seriously” and will continue to invest in improving its environment.
EasyJet added that it had gone public now in order to warn the nine million customers whose email addresses had been stolen to be wary of phishing attacks.
So, what do you think about this? Simply share all your views and thoughts in the comment section below.