Airline EasyJet has been hacked - exposing nine million customers' information

Nine million EasyJet passengers have had their travel details accessed by hackers, the airline has announced.

Tuesday, 19th May 2020, 2:57 pm
Updated Tuesday, 19th May 2020, 2:58 pm

The Luton-based carrier said the figure includes 2,208 customers who had their credit card details exposed.

It insisted there is "no evidence that any personal information of any nature has been misused" due to the cyber attack but customers are being warned to be extra vigilant against so-called "phishing" scams where crooks try to get further information such as bank details.

The PA news agency understands that - apart from the people whose credit card details were accessed - the information obtained by the hackers was a customer's name, email address, flight destination and date of travel.

Sign up to our daily newsletter

The i newsletter cut through the noise

EasyJet has been hit by a hacking issue

EasyJet has begun contacting affected customers and pledged that they will all be informed by May 26.

The airline did not disclose when the cyber attack took place or how it happened.

EasyJet chief executive Johan Lundgren said: "We take the cyber security of our systems very seriously and have robust security measures in place to protect our customers' personal information.

"However, this is an evolving threat as cyber attackers get ever more sophisticated.

"Since we became aware of the incident, it has become clear that owing to Covid-19 there is heightened concern about personal data being used for online scams.

"As a result, and on the recommendation of the Information Commissioner's Office, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.

"Every business must continue to stay agile to stay ahead of the threat. We will continue to invest in protecting our customers, our systems and our data.

"We would like to apologise to those customers who have been affected by this incident."

The ICO announced last year that it intends to fine British Airways a record £183m after the personal data of more than half a million passengers was compromised in a hacking incident believed to have started in June 2018.

The hotels group Marriott was also fined last year, £99.2m for a breach that revealed the data of 339 million customers.