` Data Breach Update: EasyJet Admits Personal Data of Millions of Customers Was Hacked - Clarip Privacy Blog
ENTERPRISE    |    CONSUMER PRIVACY TIPS    |    DATA BREACHES & ALERTS    |    WHITEPAPERS

Data Breach Update: EasyJet Admits Personal Data of Millions of Customers Was Hacked

EasyJet Personal Customer Data Hacked

On May 19,  2020, British budget airline EasyJet publicly revealed that it was subject to a cyberattack which resulted in an unauthorized access to nine million customers’ email addresses and travel details.  In addition, the company disclosed that 2,208 customers had their credit and debit card details “accessed.”   The stolen credit card data included the three digital security code known as the CVV number.

The company became aware of the attack in January of 2020 but did not provide the details about the nature of the attack, revealing only that the hackers were after the “company intellectual property.”

According to EasyJet, there is no evidence that any personal information of any nature has been misused.  The company,  however, was immediately hit a with a class-action lawsuit under Article 82 of the GDPR on behalf of its customers seeking £18 billion in damages.   The lawsuit alleges that EasyJet waited four months to notify the customers and that the “exposure of details of individuals’ personal travel patterns may pose security risks to individuals and is a gross invasion of privacy.”

In terms of the number of customers affected, the EasyJet breach eclipses the 2018 data breach of British Airways which resulted from what the ICO investigation found to be “poor security arrangements.”  That incident involved the diversion of British Airways website traffic by malware to a fraudulent website that collected personal detail on approximately 500,000 customers beginning in June 2018. The compromised information included names, addresses, log in details, payment cards, and other travel booking details. In July of 2019, the ICO announced its intention to impose a £183 million fine against British Airways but the imposition of the fine has been repeatedly delayed.

Earlier this year, the ICO fined Cathay Pacific Airways £500,000 over security failures which resulted in the unauthorized access of personal information such as customers’ names, passport and identity details, date of birth, postal and email addresses, phone numbers, and travel information.

Ask Clarip today how we can solve your biggest privacy compliance pain points, Call Clarip at 1-888-252-5653

Contact

  • 1521, Concord Pike, Suite #301,
    Wilmington, DE 19803 USA
  • 20 Montchanin Road, Suite 20,
    Greenville, DE 19807 USA
  • Contact Online

888-252-5653

About

Consumers

Businesses

The pixel
Show Buttons
Hide Buttons