Easyjet admits security breach as nine million customers affected
Budget carrier confesses to hack in January 2020, and has informed the Information Commissioner's Office
Easyjet has admitted to being hacked in January 2020, with nine million customers affected.
It has informed the UK's data protection regulator, the Information Commissioner's Office, and its investigations are apparently ongoing.
The budget airline released a statement earlier today.
"We take issues of security extremely seriously and continue to invest to further enhance our security environment.
"There is no evidence that any personal information of any nature has been misused, however, on the recommendation of the ICO, we are communicating with the approximately nine million customers whose travel details were accessed to advise them of protective steps to minimise any risk of potential phishing."
Tim Sadler, CEO at Tessian, warned those affected to be extra vigilant in the coming days and weeks.
"EasyJet customers are now at greater risk of phishing scams following this cyberattack, and people need to be wary of emails they receive purporting to come from the airline company. Always check the sender name and email address match up and if you're being asked to carry out an urgent action, verify the legitimacy of the request by contacting EasyJet directly using details on their website.
"Unfortunately, it was only a matter of time before a cyber attack of this scale crippled a large organisation, and the attack should act as a warning to all organisations that no one is safe from a severe breach of data. Cybercriminals have not missed a trick to capitalize on the COVID-19 crisis, and we've seen a huge increase in the number of cyber attacks and scams during this time.
"The travel industry especially has been severely impacted by COVID-19, and there's no telling how much more damaging this cyber breach will be to EasyJet's future. Moving forward, organisations should prioritise security protocols, implement sophisticated protection software, and ensure all employees are aware of security best practices, and carrying them out at all times."
The news comes shortly after reports of supercomputers across Europe being compromised by hackers.