EasyJet has admitted on Tuesday, May 19 that a "highly sophisticated cyber-attack" has affected approximately nine million customers. Now as per the recent reports, it was believed that Chinese hackers have launched the cyberattack and gained access to email and travel details of EasyJet customers.
As reported by Reuters, two sources familiar with the investigation revealed that the hacking tools and techniques used in the EasyJet attack pointed to a suspected Chinese hackers' group that has targeted multiple airlines in recent months.
But when IBtimes SG talked to Brett Callow, a threat analyst at Emsisoft, he said:
The specifics of this incident are very vague at this point in time. While EasyJet has stated that it was a 'highly sophisticated cyber-attack', these incidents are often the result of basic security failings such as improperly securing an internet-facing server.
Whatever the cause of the incident, the people whose data has been exposed need to be extra vigilant and on the lookout for phishing emails and other spams and scams.
EasyJet Data Breach
It should be noted that the cyberattack news could result in a hefty fine for the budget airline, which has already been forced to stop the operations due to the Coronavirus pandemic that paralyzed almost the entire world. At this time the airline is also battling its founder and biggest shareholder in a long-running dispute over the carrier's business strategy.
After the recent data breach, EasyJet's chief executive Johan Lundgren said that there was heightened concern about personal data being used for online scams as more people worked from home during this global pandemic.
He then added that "As a result, and on the recommendation of the ICO (watchdog), we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications."
Chinese Hackers are the Threat Actors
Even though Beijing has repeatedly denied conducting such offensive operations and claimed that it is frequently the victim of cyber-attacks itself, the sources told Reuters that these Chinese group of hackers is the same group that had previously targeted travel records and other data to track the movement of specific individuals.
As per EasyJet, credit card details of over 2,000 customers had also been compromised but it did not look like any personal information had been misused. In addition, the airline company also mentioned that it had engaged forensic experts to investigate the breach and also notified Britain's National Cyber Security Centre (NCSC) about the data theft incident.
In this case, an NCSC spokesman stated that the agency is aware of the EasyJet incident and have been working with the airline company from the outset to understand how it has affected people in the UK. However, Britain's Information Commissioner's Office (ICO) also got involved in the investigation and urged anyone affected by the breach to stay vigilant for phishing attacks and scam messages.
ICO said that "People have the right to expect that organizations will handle their personal information securely and responsibly. When that doesn't happen, we will investigate and take robust action where necessary."