EasyJet confirms 9 million travel records data breach

easyjet data breach

EasyJet, is a low-cost British airline company based in London Luton Airport. It provides scheduled domestic and international flights on more than 1,000 routes in more than 30 countries. EasyJet is listed on the London Stock Exchange and is part of the FTSE 100 Index. EasyJet, the UK’s biggest airline, has been hacked by hackers and has accessed 9 million customers’ travel details. 2200 consumers of EasyJet had access to their credit card numbers that exposed in the data breach, but passport details have not been accessed.

The organization has reported the Cyber Security Incident to the Office of Information Commissioner, the data protection regulator in the United Kingdom. According to the European data protection regulations, businesses have 72 hours to notify regulators of a security incident.

Easyjet PLC is a UK-based company that operates point-to-point, low-cost European airlines. The Organization operates some 331 aircraft across 34 countries and some 159 airports. It operates over its segment of the route network. The company’s goal is to provide free, value-added, point-to-point air services to our clients.

EasyJet Data breach: Information accessed by hackers

British airline EasyJet claims it was the target of a cyber-attack that revealed the email addresses and travel information of around 9 million of its customers. They have reported that 2,208 of these customers had their credit card details accessed in what the company describes as an extremely sophisticated attack.

Stolen credit card data includes 3 digit security code called CVV number at the back of the card.EasyJet warns the nine million customers who have lost their email address from phishing attacks.

However, EasyJet said it had already closed the unauthorized access that allowed data breach. They also contacted customers who had revealed their credit card information. There were no exposed passport details in the hack. They advise customers to be cautious regarding any unsolicited emails claiming to be from EasyJet or EasyJet Holidays. CEO of EasyJet Johan Lundgren apologizes to all the customers affected by the incident.

Although other security breaches have been much larger. In which one has exposed the data of 50 million Facebook users, airlines are attracting targets because of their large stores of people’s identities, credit cards, and travel information. In 2018, Hong Kong-based airline Cathay Pacific said it had compromised its computer system. They expose personal data and travel history to as many as 9.4 million people.

The company warned people to be on the lookout for phishing attacks and gave them tips on how to spot these scams on its website.

Phishing attack

During the coronavirus crisis, phishing attempts-which see criminals sending emails with links to fake web pages. Google is blocking Gmail users from more than 100 million phishing emails daily. At any point in the future, phishing emails which leverage data were stolen during the attack could be used as an attack vector.

Consequently, it is vital that customers be vigilant. Even if they receive unsolicited emails or emails that appear to be from EasyJet. As these may be fake emails that lead to cloned websites designed to steal your data.

Chinese hackers suspected of easyJet cyber attack

China hackers suspected of stealing credit card details from customers. China has consistently denied aggressive cyber operations, and regularly claims to be the target of these attacks.

The hacking methods and tactics used in the January attack pointed to a group of alleged Chinese hackers who in recent months have attacked several airlines.

What to do if we are an EasyJet customer

If one is high-flown, they should consider canceling your credit or debit card. They should flag the situation to your bank and ActionFraud. It’s better to update the password for an EasyJet account. Also update any other accounts that they use the same password for. 


The airline advised customers to be particularly careful if they receive unsolicited communications. The airline is in touch with the National Cyber Security Center, a British government body. They help businesses prevent computer security attacks, and the Office of the Information Commissioner, the British department responsible for investigating data breaches.

Like the rest of the aviation industry, the airline was also struck hard by the coronavirus pandemic. This forces a large area or path of the world’s population to stay at home and put corporate travel and holidays on hold. EasyJet had flown over 28 million passengers in 2019 prior to the pandemic. Although, the company was among the first to query the UK state to bail out financial ruin.

Recommended by the author: Unacademy, India’s biggest e-learning portal hacked

Leave a Reply

Your "email address" will not be published. Fields which required below are marked as *