If you’re a traveler who has flown anywhere in Europe using EasyJet, heads up. Tuesday morning, the low-cost London-based airline disclosed that its customer database had been pillaged by a “highly sophisticated” source.
The airline told the stock market world that unauthorized access to its systems has been completely sealed off. Still, for the 9 million customers who had their email addresses and travel details compromised and the 2,208 customers who had their credit card details exposed, that’s anything but good. The airline said affected customers will be contacted by the airline no later than May 26.
EasyJet CEO Johan Lundgren said in a statement that the company takes cybersecurity seriously but that “this is an evolving threat as cyber attackers get ever more sophisticated.”
Cyber attacks more common during pandemic
With the pandemic forcing businesses to work with minimum staff, this digital raid might have been expected.
“It comes as no surprise that well-known organizations who are very publicly affected by the pandemic -- and are known to have furloughed lots of staff -- would be the targets of sophisticated cyberattacks, with the potential to cause significant reputational damage,” Andrew Tsonchev, director of technology at cybersecurity firm Darktrace told CNBC.
While Tsonchev is only speculating, there might be a stick-up that may yet come out of this. “Globally ... we’ve seen an uptick in highly targeted and sophisticated attacks like these,” he said.
“Access ‘downstream’ to clients and customer data is often the goal of these attacks, as withholding this data secures not only secures a quick ransom payout at a time when companies are keen to keep cost down, but can also provide vital nuggets of information to launch secondary attacks.”
Think you might be affected?
As is pretty much standard in these situations, Lundgren did his best to give the airline’s customers some solace, suggesting that they be “extra vigilant” if they get an email that purportedly comes from the airline or its travel arm EasyJet Holidays.
ConsumerAffairs has a couple of other smart moves to suggest: If you’ve done ANY business with EasyJet, be on alert for any unusual activity on your credit cards or bank accounts, change passwords for your EasyJet and any related accounts, and check with HaveIBeenPwned to see if your email address has been compromised in this (or any other) data breach.