EasyJet admitted that it has been a target of a cyberattack from a highly sophisticated source. It first learned of the attack in January 2020. The European airline stated that the threat actors accessed the email addresses and travel details of more than nine million customers. However, the company clarified that out of the nine million affected customers, only 2,200 customers’ credit card details were compromised.
In an official statement, the airline stated that it informed the U.K.’s privacy watchdog, the Information Commissioner’s Office (ICO), and also the National Cyber Security Centre (NCSC) about the incident
While the investigation is ongoing, EasyJet stated that there is no evidence of any misuse of customer information. EasyJet urged its customers to change passwords, monitor their credit card accounts, and be vigilant of any phishing emails.
“We are communicating with the approximately 9 million customers whose travel details were accessed to advise them of protective steps to minimize any risk of potential phishing. We are advising customers to continue to be on alert as they would normally be, especially should they receive any unsolicited communications. We also advise customers to be cautious of any communications purporting to come from EasyJet or EasyJet Holidays,” EasyJet said in a statement.
EasyJet’s Chief Executive Officer, Johan Lundgren, said, “We take the cybersecurity of our systems very seriously and have robust security measures in place to protect our customers’ personal information. However, this is an evolving threat as cyber attackers get ever more sophisticated. Since we became aware of the incident, it has become clear that owing to COVID-19 there is heightened concern about personal data being used for online scams.”
“We are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications,” Lundgren added.
Cybersecurity on the Airline Industry
Keeping in mind the growing cyberattacks on the Aviation industry, ResearchAndMarkets.com released a report titled Aviation Cybersecurity Market – Growth, Trends, and Forecast (2019 – 2024). According to the report, the aviation cybersecurity market is expected to register a CAGR of around 11% during the forecast period of 2019-2024.
The industry relies heavily on IT infrastructure for its ground and flight operations. The security of these airline systems has a direct impact on the operational safety and efficiency of the industry, and also indirectly impacts the service, reputation, and financial health. The report discusses cybersecurity in the aviation sector by solution and application spanning from airline management, air cargo management, air traffic control management, and airport management.