Budget airline’s systems hacked – 2,200 customers’ credit card details accessed

Hacking danger

North West customers of budget airline easyJet could be at risk from a security hack of the company’s systems.

The carrier revealed today that it was the target of an attack “from a highly-sophisticated source”.

It warned the attack accessed the email address and travel details of around nine million customers. Of those, the airline found that the credit card details of 2,208 customers were accessed.

The airline is an established operation in the North West, with 86 routes out of Manchester Airport, and 31 from Liverpool John Lennon Airport.

It said as soon as it became aware of the hack it took immediate steps to respond to, and manage, the incident, and engaged leading forensic experts to investigate the issue.

It has also notified the National Cyber Security Centre and the Information Commissioner’s Office (ICO), adding: “We have closed off this unauthorised access”.

The airline said it will contact the affected customers in the next few days: “If you are not contacted then your information has not been accessed.”

It said passport details and credit card details of these customers were not accessed.

People who had their credit card details accessed are being contacted and offered support.

The airline said: “We’re sorry that this has happened, and we would like to reassure customers that we take the safety and security of their information very seriously.”

Chief executive, Johan Lundgren, added: “We take the cyber security of our systems very seriously and have robust security measures in place to protect our customers’ personal information. However, this is an evolving threat as cyber attackers get ever more sophisticated.

“Since we became aware of the incident, it has become clear that owing to COVID-19 there is heightened concern about personal data being used for online scams.

“As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.

“Every business must continue to stay agile to stay ahead of the threat. We will continue to invest in protecting our customers, our systems, and our data.

“We would like to apologise to those customers who have been affected by this incident.”