EasyJet Hacked: 9 Million Customers And 2,000 Credit Cards Hit

Author image

Thomas Brewster   Forbes U.S. Staff


Photo: Frederick Tubiermont on Unsplash

Budget airline EasyJet has announced it suffered a “highly sophisticated” hack that led to the leak of personal information on 9 million customers and details of 2,000 credit cards.

Email addresses and travel details of customers were exposed and affected customers will be warned in the coming days, EasyJet said. If not contacted, you’re not affected.

“Our forensic investigation found that, for a very small subset of customers (2,208), credit card details were accessed,” EasyJet said in its announcement. “Action has already been taken to contact all of these customers and they have been offered support.”

The airline said there is no evidence any personal information has been “misused.” It’s notified both the U.K. privacy watchdog, the Information Commissioner’s Office, and the National Cyber Security Centre, a public-facing cybersecurity arm of surveillance agency GCHQ.

No more detail on the nature of the attack, such as when it took place and what systems were exploited, was made available.

EasyJet CEO Johan Lundgren apologized to customers. “This is an evolving threat as cyber attackers get ever more sophisticated,” Lundgren added.

"Since we became aware of the incident, it has become clear that owing to COVID-19 there is heightened concern about personal data being used for online scams. As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.”

As for what customers can do, EasyJet added: “We are advising customers to continue to be alert as they would normally be, especially should they receive any unsolicited communications. We also advise customers to be cautious of any communications purporting to come from easyJet or easyJet Holidays.”


Author image

Thomas Brewster   Forbes U.S. Staff

I'm associate editor for Forbes, covering security, surveillance and privacy. I’ve been breaking news and writing features on these topics for major publications since 2010. As a freelancer, I worked for The Guardian, Vice Motherboard, Wired and BBC.com, amongst many others. I was named BT Security Journalist of the year in 2012 and 2013 for a range of exclusive articles, and in 2014 was handed Best News Story for a feature on US government harassment of security professionals.