Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Easyjet hacked: 9 million customer’s data exposed along with 2,200+ credit card details

British airline EasyJet announced it was the victim of a “highly sophisticated” cyber attack that exposed email addresses and travel details of around 9 million of its customers. British airline EasyJet announced that a “highly sophisticated” cyber-attack exposed email addresses and travel details of around 9 million of its customers. “Following discussions with the Information Commissioner’s Office (“ICO”), the […]

Easyjet 1024x683-640x381

British airline EasyJet announced it was the victim of a “highly sophisticated” cyber attack that exposed email addresses and travel details of around 9 million of its customers.

British airline EasyJet announced that a “highly sophisticated” cyber-attack exposed email addresses and travel details of around 9 million of its customers.

“Following discussions with the Information Commissioner’s Office (“ICO”), the Board of easyJet announces that it has been the target of an attack from a highly sophisticated source.” reads a statement from the company. “Our investigation found that the email address and travel details of approximately 9 million customers were accessed.” 

According to the company, hackers also accessed a small subset of customers and obtained credit card details for 2,208 of them, no passport details were exposed.

“Our forensic investigation found that, for a very small subset of customers (2,208), credit card details were accessed.” continues the company.

At the time of writing the airline did not disclose details of the security breach, it is not clear when the incident took place and how EasyJet discovered the intrusion.


EasyJet conducted a forensic investigation and once identifies the unauthorized access has locked it.

The airline reported the incident to the Information Commissioner’s Office (“ICO”), the good news is that the company is not aware of any attack in the wild that abused the stolen information.

EasyJet is still investigating the security breach.

“We take the cybersecurity of our systems very seriously and have robust security measures in place to protect our customers’ personal information. However, this is an evolving threat as cyber attackers get ever more sophisticated,” says EasyJet Chief Executive Officer Johan Lundgren.

“Since we became aware of the incident, it has become clear that owing to COVID-19, there is heightened concern about personal data being used for online scams. Every business must continue to stay agile to stay ahead of the threat.”

The airline has started notifying the incident to all the impacted customers and is recommending them to be “extra vigilant, particularly if they receive unsolicited communications.”

According to the Reuters that cited two people familiar with the investigation, hacking tools and techniques used by attackers point to a group of suspected Chinese hackers that targeted multiple airlines in recent months.

Italian friends could read my interview with Italian State Broadcast Television RAI:

http://www.rainews.it/dl/rainews/articoli/easyjet-anncuncia-di-essere-stata-vittima-di-maxi-attacco-hacker-rubati-9-milioni-di-dati-ec0e14e1-8603-42ca-93ab-8adf0a13f70e.html

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – EasyJet, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]