British airline EasyJet acknowledged “9 million of its customer’s email addresses and travel details” were stolen.
According to EasyJet, On May 26th Cybercriminals manage to access 9 million customer’s information and 2,208 credit card details along with email addresses and travel details. The “unauthorized access has been closed” which led to the data breach and reported this incident to the National Cyber Security Center and the Information Commissioner’s Office (ICO), the data regulator.
“Our forensic investigation found that, for a very small subset of customers (2,208), credit card details were accessed,” EasyJet said in the notice “Action has already been taken to contact all of these customers and they have been offered support.”
However, “There’s no evidence that any personal information of any nature has been misused,” EasyJet told no passport details were exposed.
Those customers whose credit card details were stolen have been contacted while everyone else affected will be contacted by 26 May.
“We would like to apologise to those customers who have been affected by this incident,” EasyJet CEO Johan Lundgren said in a statement. “We are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.”
It’s a great opportunity for hackers to conduct phishing attacks or social engineering. If you’re getting emails make sure it’s from the official source and avoid clicking on links to protect yourself from scams or getting infected.