easyJet is an international airline headquartered in London. It was founded in 1995 by Sir Stelios Haji-Ioannou and closed three of its bases during the Covid-19 pandemic.
The breach was an attack on the internal systems of easyJet. The attack resulted in the hacker gaining access to non-financial customer data. “Our investigation found that your name, email address, and travel details were accessed for the easyJet flights or easyJet holidays you booked between October 17th 2019 and March 4th 2020,”
easyJet CEO sent to affected flyers. “Your passport and credit card details were not accessed, however information including where you were travelling from and to, your departure date, booking reference number, the booking date and the value of the booking were accessed.“
The breach method was described as “an attack from a highly sophisticated source.” There has since been no update as to how the breach occurred or who was responsible.
easyJet claims to have been alerted to the breach in January 2020, yet the breach affected customers almost two months after.
The breach affected easyJet flyers that used the airline between October 17th, 2019, and March 4th, 2020. Millions of people fly with the airline each year, resulting in many consumers developing issues with the company.
The breach affected approximately 9 million people. Surprisingly, only about 2,000 flyers had any financial information involved in the infraction.