The British affordable airline company EasyJet has fallen prey to a massive cyberattack, exposing around nine million customers' data. EasyJet issued a statement mentioning that the highly sophisticated attack has taken down its systems, exposing email addresses and other personally identifiable information (PII), including travel details. The company admitted that out of the nine million user records, the hackers have compromised 2,208 credit card details too.
Highly Sophisticated Attack
The company has claimed that they had not found any evidence of stolen data being misused. But to be on the safe side, EasyJet has appealed to its customers to deal cautiously with any sort of communication masquerading as EasyJet or EasyJet Holidays.
Johan Lundgren, CEO, EasyJet, claimed that the airline gives top priority to safeguard customer data and has "robust security measures" in place. "However, this is an evolving threat as cyber attackers get ever more sophisticated," he said.
"Since we became aware of the incident, it has become clear that owing to COVID-19, there is heightened concern about personal data being used for online scams. As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed, and we are advising them to be extra vigilant, particularly if they receive unsolicited communications."
"We would like to apologize to those customers who have been affected by this incident," Lundgren added.
EasyJet has contacted the Information Commissioner's Office (ICO) and the GCHQ's cybersecurity wing of the surveillance agency National Cyber Security Centre (NCSC) and "closed off this unauthorized access to its systems."
Not many details are available about the highly sophisticated cyber attack, which no group has claimed as yet.