Budget airline easyJet, which is still reeling from the impact of the coronavirus pandemic to the aviation industry, has been dealt another blow. A cyberattack from what the airline described as a “highly sophisticated source” managed to access the email address and travel details of approximately nine million easyJet customers.
“These affected customers will be contacted in the next few days,” said the British airline in a statement. “If you are not contacted, then your information has not been accessed. Other than as referenced in the following paragraph, passport details and credit card details of these customers were not accessed.
“Our forensic investigation found that, for a very small subset of customers (2,208), credit card details were accessed. Action has already been taken to contact all of these customers and they have been offered support.”
The Information Commissioner’s Office and the National Cyber Security Centre have been notified of the cyber incident. Meanwhile the unauthorised access has been closed off by easyJet, which added that affected customers will hear from the company no later than May 26.
“We’re sorry that this has happened, and we would like to reassure customers that we take the safety and security of their information very seriously,” stated the airline, the entire fleet of which was grounded nearly two months ago amid the COVID-19 crisis.
Meanwhile chief executive Johan Lundgren also offered assurances that they will continue to invest in protecting easyJet systems and customers. It’s not clear whether losses will be incurred by the firm following the data breach, and what insurance coverage easyJet has in place.