easyJet: data of 9 million users stolen

(By Davide Lo Prete)

The global health emergency has had a huge impact on airlines, forced to suspend many flights and, therefore, to drastically reduce their earnings.

But this was not the only problem affecting the airlines. They have not been immune to the increase in cyber risks that the pandemic has generated.

Last January easyJet, the British low-cost airline, learned of a cyber attack affecting 9 million users. Specifically, in the data breach, hackers stole email addresses and travel details of 9 million users. The attack is even more significant considering that, for more than 2,200 of these users, it also involved credit card information.

The data breach was disclosed only on May 19, in an official press release from the company, which classified it as "highly sophisticated". In the release, easyJet declares itself "to be sorry for what happened". The Chief Executive Officer, Johan Lundgren, said that the company "takes the protection of its customers' information seriously" and that "because of COVID-19 there is a growing concern about scams that use user data".

The company only started contacting affected customers in April. After the attack, in fact, the company began to collaborate with the Information Commissioner's Office (ICO), the office in charge of defending information rights, and with the National Cyber Security Center, which is responsible for supporting companies in the management of cyber attacks (the equivalent of the Italian CSIRT).

However, Avast Security Evangelist Luis Corrons stressed that easyJet's delay in communicating the data breach to customers "highlighted the company's IT vulnerabilities."

easyJet, after carefully analyzing the purposes of the hackers, stated that there is no evidence that the data has been used for criminal purposes.

According to Reuters, the attack may have been perpetrated by a group of Chinese hackers already responsible for cyber attacks against other airlines, but there is still no data to prove the origin.

The attack comes two years after the data breach that involved data from more than 300,000 British Airways users. In the same year, Cathay Pacific Airways (Hong Kong's airline) and Air Canada also suffered cyber attacks.

Tips for customers

One of the biggest risks is that customers may receive phishing emails in the form of fake airline offers.

To prevent further incidents, the National Cyber Security Center has released some useful information and advice for users who suspect they have been victims of the attack.
First, users can report online fraud through the site www.actionfraud.police.uk, or call 0300 123 2040.

The NCSC then recommends changing the account password and using a secure one. Furthermore, by entering your e-mail address on the haveibeenpwned.com website, you can find out if your account has appeared in other data breaches.

Finally, the Center recommends using two-factor authentication, a tool that provides additional protection against cyber attacks.

Cyber (in)security

These types of incidents are a clear sign that cybersecurity and data protection should be priorities for companies. In this regard, the Information Commissioner, Elizabeth Denham, stated that "when a company is unable to protect customer data from cyber threats, this is more than just an inconvenience and when the company is entrusted with sensitive data, it has an obligation to safeguard it".

The attack revealed, once again, the fragility of sensitive data protection systems. This vulnerability is even more evident in a period in which, because of the health crisis generated by the COVID-19 pandemic, web traffic has shot up and, consequently, so have cyber threats.








