Connect with us

Hi, what are you looking for?

Life

Budget airline EasyJet suffers major data breach (Includes interview)

According to the BBC, EasyJet has announced that a cyberattack” has affected approximately nine million of its customers. Some customers have been hit more significantly than others, with email addresses and travel details being copied, plus, for 2,208 customers, they have had their credit card details “accessed”.

The incident took place in January 2020, although the airline is only now beginning to notify customers, as The Daily Telegraph reports.

While EasyJet has stated that there is no evidence that information has been misused yet, given the breadth of data that airlines hold, follow-up phishing attacks could be damaging., according to Bitglass CTO Anurag Kahol. He tells Digital Journal that details as to how the breach occurred have yet to be declared. The company has alerted the UK’s Information Commissioner’s Office and National Cyber Security Centre (NCSC) as well as hired an expert to look into the breach.

According to Kahol, this sector of the economy is “extremely attractive target to cybercriminals, as they can collect and store personally identifiable information (PII) on billions of passengers every year, including passport numbers, credit card information, email addresses and much more. In this easyJet incident, millions of passenger email addresses and travel details, along with thousands of credit card numbers were compromised.”

With the specific attack, he notes: “Although the airline stated that there’s no evidence of the data being misused, bad actors could leverage this information to launch sophisticated phishing attacks against those impacted to gather even more sensitive. Additionally, hackers could sell or leak the credit card information on the dark web for others to commit financial fraud.”

In terms of the implications, Kahol says: “It’s unclear at this time how the hackers infiltrated EasyJet’s systems, but the company says it was a ‘highly sophisticated’ attack, illustrating that cybercriminals are constantly advancing their attack methods. As such, companies must have full visibility and control over their data by implementing tools that detect and remediate misconfigurations, enforce real-time access control, encrypt sensitive data at rest, manage the sharing of data with external parties, and prevent the leakage of sensitive information.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Tech & Science

CMG is integrating advanced simulation tools with NVIDIA hardware and high-performance computing software to accelerate time-to-decision for energy leaders.

Entertainment

Fabian Arnold, David Millbern, and Meredith Thomas star in the new movie "Big Rage," which premiered on November 1st on Here TV.

Entertainment

Alison Victoria, interior designer, Emmy-nominated producer, and social influencer, chatted about her latest endeavors.

Tech & Science

Identity and credential misconfigurations represent a staggering 80% of security exposures across organizations.