EasyJet Gets Pwned By Hackers…. 9 Million Customers Affected

Discount airline EasyJet has been pwned by hackers. While several outlets are reporting this, here’s the key highlights:

  • The email and travel details of around 9 million customers were accessed.
  • The credit card information for 2,208 customers were accessed.

Clearly this is far from a trivial hack. and this quote says it all:

“This was a highly sophisticated attacker. It took time to understand the scope of the attack and to identify who had been impacted,” EasyJet said to the BBC.

Customers who have been affected have been contacted, and the U.K. Information Commissioner (ICO) and National Cyber Security Centre have also been contacted.

Andrew Tsonchev, director of technology for Darktrace had this to say:

18 months after British Airways suffered a major data breach, it is not surprising that airline companies continue to be a target for cyber attackers, particularly at a time when the industry is suffering from financial woes and reduced workforce due to furloughing.

Across our global customer base we’ve seen an increase in highly targeted and sophisticated attacks like these in recent months. Often their goal is to compromise customer data and demand a ransom payment at a time when the business is already highly stressed. Alternatively, the data collected can help inform secondary attacks, for example to tailor a spearphishing attack.

This is another wake-up call to businesses that they need to step up to the challenge and invest in innovations such as AI that are suited to monitoring and protecting very distributed digital systems. Security teams alone cannot keep up with the speed and stealth of today’s attackers.

It will be interesting to see what happens to EasyJet. And more importantly how this data will be misused.

Leave a Reply

%d bloggers like this: