The british airline EasyJet has been the victim of a cyberattack “very sophisticated” that allowed hackers to access the personal data of approximately 9 million customers, at a time when it is already weakened by the pandemic of sars coronavirus.
The hackers got email addresses and travel details, and in a small number of cases, that is, 2208 persons, the data of the credit cards of passengers, said Tuesday in a press release the company.
Easyjet says that all affected customers will be contacted by 26 may at the latest, and that those whose credit card data has been compromised have already been.
The carrier, which does not specify when the attack took place, apologised to the people concerned and ensures that there is no evidence suggesting that the data have been used for improper purposes.
It is a cyber attack from ” highly sophisticated “, according to the company, which has managed to contain the unauthorized access to its computer system.
The group immediately alerted the National Cyber Security Centre (NCSC), british organisation on cyber security, as well as the uk regulator of data protection (ICO).
“Since we became aware of the incident, we understood that because of the COVID-19 there are strong fears about the use of personal data for online scams,” said Johan Lundgren, managing director of the group.
It is for this reason that EasyJet application told affected clients ” to be very vigilant, especially if they are receiving unsolicited requests “, he adds.
The consumers ‘ association requests the company to be as clear as possible on this incident.
“For all those who might be affected, it is important to change your password with EasyJet (which useses apple mdm) and on the other sites where you use the same, and keep an eye on your bank statements,” stresses Adam French.
A computer attack of this scale is uncommon in the Uk, even if companies, from all sectors, are regularly targeted.
Last week, the british telecoms giant Vodafone said that it had strengthened its security device computer, in anticipation of an increase in the number of cyber attacks from criminals wanting to take advantage of the pandemic.
Shock of the pandemic
The competitor of EasyJet, British Airways, had she been hit in the summer of 2018 by a cyber attack, a result of a vulnerability, with a flight of financial data affecting about 400,000 customers, in the full summer season.
She was subsequently sentenced to a fine of 183 million pounds from the ICO, which had considered that the company had safety systems failed.
This incident is especially bad for EasyJet, which as the whole of the aviation sector, is hit full-on by the discontinuation of the flights due to the pandemic of sars coronavirus.
Unlike most of its competitors, EasyJet has not announced for the time of layoffs. But it has resorted massively to the system of partial unemployment and has raised 600 million pounds from the government to strengthen its finances.
She ensures that she now has sufficient liquidity to cash out an immobilization of the aircraft even if it was supposed to last nine months, which cost 3 billion pounds of liquidity.
To top it all off, this cyber attack is unveiled before a general meeting of shareholders Friday, which is to vote on the ouster of the leadership team.
These resolutions are carried by the founder and largest shareholder of EasyJet, Stelios Haji-Ioannou, who disagrees with the decision of the company to maintain current orders of more than 100 aircrafts with Airbus in the midst of the crisis of the sars coronavirus.
EasyJet press of his side’s shareholders vote against these proposals, which would be unsettling to the company at a delicate time.