easyJet Breach

easyJet is an international airline headquartered in London. It was founded in 1995 by Sir Stelios Haji-Ioannou and closed three of its bases during the Covid-19 pandemic.

What Was the Breach?

The breach was an attack on the internal systems of easyJet. The attack resulted in the hacker gaining access to non-financial customer data. “Our investigation found that your name, email address, and travel details were accessed for the easyJet flights or easyJet holidays you booked between October 17th 2019 and March 4th 2020,”

easyJet CEO sent to affected flyers. “Your passport and credit card details were not accessed, however information including where you were travelling from and to, your departure date, booking reference number, the booking date and the value of the booking were accessed.“

How Did the Breach Occur?

The breach method was described as “an attack from a highly sophisticated source.” There has since been no update as to how the breach occurred or who was responsible.

When Did This Breach Occur?

easyJet claims to have been alerted to the breach in January 2020, yet the breach affected customers almost two months after.

Who Does the Breach Impact?

The breach affected easyJet flyers that used the airline between October 17th, 2019, and March 4th, 2020. Millions of people fly with the airline each year, resulting in many consumers developing issues with the company.

How Many Files Does the Breach Affect?

The breach affected approximately 9 million people. Surprisingly, only about 2,000 flyers had any financial information involved in the infraction.