Cybercriminals have breached data of 9 million customers of EasyJet, the low-cost airline company revealed early this week. Email addresses and travel details were accessed, and the hackers also stole credit details of 2,207 customers during the EasyJet hack.
The Information Commissioner’s Office of the UK is investigating the matter. It is believed that the breach was carried out by Chinese hackers, who have been very active during the pandemic and have been targeting many airline companies. Authorities came to know of the EasyJet hack in January but was able to inform the customers of the theft of credit details only in April, reports the BBC. The hackers even managed to access the security code called the CVV number at the back of the card credit card.
EasyJet Customers Lose Personal Data in Cyber Attack
“There is no evidence that any personal information of any nature has been misused, however, on the recommendation of the ICO, we are communicating with the approximately nine million customers whose travel details were accessed to advise them of protective steps to minimize any risk of potential phishing. “We are advising customers to be cautious of any communications purporting to come from EasyJet or EasyJet Holidays, “ the company said.
The company said it was a highly sophisticated attack and it took time to understand its scope. Johan Lundgren, EasyJet’s chief executive, said,“…on the recommendation of the ICO (watchdog), we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.”
Details from the EasyJet Hack
EasyJet did not give any details of the attack but said investigations suggested that the hackers were after “company intellectual property” rather than identity theft. Such attempts are more interested in tracking details of movements of certain specific people rather than any personal monetary gains. It is more about gathering intelligence for other nefarious purposes. “Interest in who is traveling on which routes can be valuable for counter-intelligence or another tracking of persons of interest,” said Saher Naumaan, a threat intelligence analyst at BAE Systems, who has investigated similar attacks.
“There is no evidence that any personal information of any nature has been misused, however, on the recommendation of the ICO, we are communicating with the approximately nine million customers whose travel details were accessed to advise them of protective steps to minimize any risk of potential phishing.
“We are advising customers to be cautious of any communications purporting to come from EasyJet or EasyJet Holidays, “ the company said. The ICO, which is investigating the breach, said that when organizations collect personal details of people, they are expected to act responsibly and secure the information. “When that doesn’t happen, we will investigate and take action where necessary.” This means, EasyJet may be held responsible for the breach and will have to pay a hefty fine. The ICO cautioned d people to be on the lookout for any phishing attempts. It directed people to read the advice listed on its website to spot phishing scammers.
Phishing attempts have risen manifold during the corona pandemic, say hacking experts. Google revealed that it blocks more than 100 million phishing emails every day. Phishing emails come with links to the website, which if one inadvertently opens, makes it easy for hackers to steal all details stored on your computer.
According to a hacking investigation expert Ray Walsh, the COVID-19 spread led to many people canceling their travel plans and flights, which has made it easy for hackers to steal personal and credit details.
EasyJet is already facing trouble as most of its aircraft are grounded due to the pandemic. Additionally, there is a legal battle being fought by the directors of the carrier and founding member over business strategies. EasyJet shares have been losing on the stock markets steadily in the last three months and shot down to 1 percent on the announcement of the breach.
Whether you want to stay up-to-date on tech news, read in-depth tech reviews, or find new ideas on AI, Big Data and Robotics, Technowize Magazine is here to suit your needs and help you stay more informed.