EasyJet hack impacts nine million passengers

Airline’s systems were breached in January, but it didn’t tell the world until now.

EasyJet hack impacts nine million passengers

The personal details of nine million customers of budget airline EasyJet have been accessed by hackers in what the budget airline is describing as a “highly sophisticated attack.”

(By the way, has any organisation ever admitted that it has been breached as the result of a ridiculously dumb attack that they really should have been able to stop dead in its tracks?)

The email addresses and travel details of nine million passengers are thought to have been accessed by the hackers, as well as the credit card details of 2,208 customers.

Sign up to our free newsletter.
Security news, advice, and tips.

According to the airline, “There is no evidence that any personal information of any nature has been misused” but one would have to question how on earth EasyJet would know with any confidence that it hadn’t been abused.

EasyJet CEO Johan Lundgren said in a press release:

“We take the cyber security of our systems very seriously and have robust security measures in place to protect our customers’ personal information. However, this is an evolving threat as cyber attackers get ever more sophisticated.

“Since we became aware of the incident, it has become clear that owing to COVID-19 there is heightened concern about personal data being used for online scams. As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.

“Every business must continue to stay agile to stay ahead of the threat. We will continue to invest in protecting our customers, our systems, and our data.

“We would like to apologise to those customers who have been affected by this incident.”

EasyJet doesn’t mention it in its press release, but it subsequently emerged that the airline discovered its IT systems had been breached in January, and yet did not begin to inform some affected customers until April, and only made news of the hack public now in May.

EasyJet says it has informed the Information Commissioner’s Office (ICO), will have informed all remaining affected customers by May 26th, and has closed the vulnerability which they believe the hackers used to gain access to their systems.

The airline has attempted to explain this delay by describing the attack as “highly sophisticated”, and claiming that it has taken time to identify affected customers:

This was a highly sophisticated attacker. It took time to understand the scope of the attack and to identify who had been impacted. We could only inform people once the investigation had progressed enough that we were able to identify whether any individuals have been affected, then who had been impacted and what information had been accessed.

In April, we notified a small group of customers whose credit card details had been impacted and offered them support including a dedicated helpline and monitoring.

Over this time, we have been working closely with the ICO and, following those discussions, we are now notifying other customers impacted by this incident. This is particularly in light of the increased risk of phishing emails since the outbreak of Covid-19.

More details will no doubt emerge in due course, but for now my recommendation for EasyJet customers would be to stay alert to unsolicited communications claiming to come from the company and to keep a close eye on their finances for unusual transactions.

News of the hack comes at the worst possible time for the airline, which is already facing considerable problems due to the Coronavirus pandemic.

Further reading: EasyJet’s breach notification email to customers – a closer look


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.