British airline company EasyJet recently admitted that the company had experienced a massive data breach, affecting nine million of its customers. The hacker infiltrated the credit card details of its customers, including the three sensitive numbers at the back of the card itself. EasyJet said that a "highly-sophisticated attacker made the incident."
EasyJet got hacked! 9 million customers now at-risk for phishing
On Tuesday, May 19, low-cost airline group EasyJet revealed on the public that they experienced a recent data hacking, back in January. Approximately, nine million of its customers were warned by the company after hackers stole a massive amount of info from their database.
About 2,208 from this population had their credit cards' data stolen.
The airline said that they were first made aware of the hacking incident months ago. However, they told BBC that they were only able to notify all the affected parties in early April.
As explained, the hacking was made by a "highly-sophisticated attacker" since the data that was stolen were huge and almost the entire database of the company.
"This was a highly sophisticated attacker. It took time to understand the scope of the attack and to identify who had been impacted," the airline told the BBC.
EasyJet also explained that they did not notify their customers immediately to make sure that only the 'affected' ones were made aware of the incident. To prevent panic from the people that may have or may not have hacked their info.
"We could only inform people once the investigation had progressed enough that we were able to identify whether any individuals have been affected, then who had been impacted and what information had been accessed," added by the company.
No evidence shows 'used' credit cards
Despite months of EasyJet's awareness of the hack and also months after before they made it public, the company assures that "no evidence that any personal information of any nature has been misused."
By May 26, EasyJet will also personally contact all nine million of its customers to provide the details regarding the issue. Aside from that, personnel of the airline will also remind all the affected parties to be careful on each of their transactions from now on, since their data were already open to hackers.
"We would like to apologize to those customers who have been affected by this incident," EasyJet CEO Johan Lundgren said in a statement. "We are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications."
A spokesperson for the UK's data protection regulator, the Information Commissioner's Office, said that the company and the government are already investigating the breach. It was advised to anyone that had booked flights with EasyJet to be vigilant with any possible phishing incidents that may happen soon and contact the government immediately.