Movatterモバイル変換

[0]ホーム
URL:

Jump to content
WikipediaThe Free Encyclopedia
Search

EasyJet data breach

From Wikipedia, the free encyclopedia
Cyberattack on EasyJet
icon
This articleneeds additional citations forverification. Please helpimprove this article byadding citations to reliable sources. Unsourced material may be challenged and removed.
Find sources: "EasyJet data breach" – news ·newspapers ·books ·scholar ·JSTOR(October 2021) (Learn how and when to remove this message)

TheEasyJet data breach was acyberattack on the computer systems of British airlineEasyJet.[1][2]

Discovery

[edit]

EasyJet first learned of the cyberattack at the end of January 2020.[1][2] Approximately nine million people were affected with the credit card details of 2,208 also accessed.[1] EasyJet notified theInformation Commissioner's Office while they were investigating the breach.[1]

Public admission

[edit]

EasyJet publicly revealed the attack in May 2020.[1] They told theBBC that they were only able to notify customers whose details (credit card or email addresses) were stolen in April 2020.[1] EasyJet told BBC "This was a highly sophisticated attacker. It took time to understand the scope of the attack and to identify who had been impacted".[1] They also said "We could only inform people once the investigation had progressed enough that we were able to identify whether any individuals have been affected, then who had been impacted and what information had been accessed".[1]

The affected data covers flight bookings made from 17 October 2019 to 4 March 2020.[2]

The stolen credit card details include thecard security code.[1]

EasyJet said they had gone public to notify the nine million customers whose email addresses had been accessed to beware ofphishing attacks and that it would notify everybody by 26 May.[1] Passengers whose credit card details were accessed were notified in April.[2] They did not reveal details of the attack but said it seemed to be aimed at "company intellectual property" rather than information that could be used in identity theft.[1]

EasyJet was not obliged to notify passengers whose basic booking details were compromised but they announced the details because of an increase in phishing attacks during theCOVID-19 pandemic.[2] Passport details were not accessed.[2]

The Information Commissioner's Office said they were investigating.[1] The ICO said "People have a right to expect that organisations will handle their personal information securely and responsibly. When that doesn't happen, we will investigate and take robust action where necessary".[1] As of August 2023 the investigation by the ICO had been 'de-prioritised'.[3]

See also

[edit]

References

[edit]
  1. ^abcdefghijklmWakefield, Jane (19 May 2020)."EasyJet admits data of nine million hacked".BBC News. Retrieved20 May 2020.
  2. ^abcdefCalder, Simon (19 May 2020)."EasyJet hack: what does it mean for me and my personal data?".The Independent. Retrieved20 May 2020.
  3. ^https://ico.org.uk/media2/migrated/4027731/ic-268335-t4y5-letter-to-easyjet-17-8-23-redacted.pdf.{{cite web}}:Missing or empty|title= (help)
Hacking in the 2020s
← 2010sTimeline2030s →
Major incidents
2020
2021
2022
2023
2024
2025
Groups
Individuals
Majorvulnerabilities
publiclydisclosed
Malware
2020
2021
2022
2025
Retrieved from "https://en.wikipedia.org/w/index.php?title=EasyJet_data_breach&oldid=1323942549"
Categories:
Hidden categories:
[8]ページ先頭
©2009-2025 Movatter.jp