UK low-cost carrier easyJet has reported that it has been the victim of a 'highly sophisticated' cyberattack.
The airline, whose fleet has been grounded since March due to the Covid-19 pandemic, notified the London Stock Exchange that an unauthorized entry to its systems had been shut down and the breach dealt with.
easyJet's investigations found that email details of 9 million customers had been exposed and that credit card details of 2,208 customers had been accessed including the three-digit CVV security code on the back of the cards. The company said that it would notify all customers affectewd by May 26.
The BBC reported that EasyJet first became aware of the attack in January but was only able to notify those customers whose credit card details were accessed in early April.
easyJet CEO Johan Lundgren said that the airline takers cybersecurity very seriously but that, "this is an evolving threat as cyber attackers get ever more sophisticated."
Lundgren added that affected customers should be "extra vigilant," especially if in the future they receive suspicious looking emails. easyJet added that customers should be particularly cautious regarding any communications purporting to come from easyJet. "We will continue to invest in protecting our customers, our systems, and our data," Lundgren said. "We would like to apologize to those customers who have been affected by this incident."
easyJet said it is working on the matter with the National Cyber Security Center and the Information Commissioner’s Office, which is the UK data regulator.
Published by Globes, Israel business news - en.globes.co.il - on May 20, 2020
© Copyright of Globes Publisher Itonut (1983) Ltd. 2020