Easyjet has announced today, Tuesday 19 May 2020, that their database has been hacked by criminals. Personal information relating to 9 million customers has been leaked. This includes details of 2,000 credit cards and email addresses and travel plans of the customers affected. Passport details do not appear to have been taken.
EasyJet Assurances to Customers
Those customers who have been affected by this hack will be contacted in the next few days. Those who are not contacted can assume they have not been affected. However, anyone who has made bookings, or enquiries should be aware of this cyber-attack. The company is warning its customers to treat unsolicited emails with caution. Move them to spam or just delete them.
EasyJet has announced that they have no evidence that any personal information has been misused. It has notified all relevant authorities. These include the U.K. privacy watchdog, the Information Commissioner’s Office, and the National Cyber Security Centre, a public-facing cybersecurity arm of surveillance agency GCHQ.
The details of this attack have not been released – for example who was responsible and how it was carried out.
Precautions that Easyjet Customers Should Take
For the next few weeks anyone who has dealt with EasyJet should ensure that emails that look as though they have come from EasyJet are genuine. Check the sender details very carefully and be very wary of any emails requesting personal details.
Change the security details on any bank cards used to make payments to EasyJet – whether or not you have been contacted by them to say your details have been leaked. This should be done on a regular basis anyway.
The hackers may pass on the details to other organisations and the customers affected may now be subject to phishing attacks. Any unusual emails should be subject to careful scrutiny or simply deleted. Scam emails are a regular occurrence. There are some particularly malicious ones that attempt to blackmail the receiver. This is known a phishing and these emails should be forwarded to report@phishing.gov.uk.
Well done for this clear advice on the EasyJet hacking.