British budget airline easyJet Plc (ESYJY.PK,EZJ.L) announced that it has been the target of an attack from a highly sophisticated source. It compromised email address and travel details of about 9 million customers. However, the airline has not released the timing of the attack and the duration.
The airline said it has taken immediate steps to close off this unauthorized access to its systems while managing the incident and engaged leading forensic experts to investigate the issue. It is also working closely with the National Cyber Security Center and the Information Commissioner’s Office (ICO), U.K.’s data regulator.
Though the email address and travel details of about 9 million customers were accessed, forensic investigation found that credit card details were accessed of only a very small subset of customers (2,208 customers).
The airline noted that all these affected customers will be directly contacted in the next few days, but no later than May 26. It added,”If you are not contacted then your information has not been accessed.”
easyJet stated that there is no evidence that any personal information of any nature has been misused. However, all the affected customers are being contacted to advise them of protective steps to minimize any risk of potential phishing.
They are also being advised to continue to be alert and “extra vigilant” as they would normally be, especially should they receive any unsolicited communications. The customers are also advised to be cautious of any communications purporting to come from easyJet or easyJet Holidays.
easyJet said it has become clear that owing to COVID-19 there is heightened concern about personal data being used for online scams.
Source: Read Full Article