9 Million Emails Exposed and 2,000 Credit Cards Stolen in Sophisticated EasyJet Attack

What happened?

EasyJet first became aware of the attack in January according to the BBC, but only notified the 2,208 customers whose credit card details had been stolen last month. The firm said it was now going public with the attack in order to warn 9 million customers whose travel details were accessed that they should be on the lookout for phishing attacks.

The company has notified the National Cyber Security Centre and the ICO, the UK’s data protection watchdog. The ICO will now determine whether EasyJet will be fined under Europe’s General Data Protection Regulation (GDPR).

What information was exposed?

  • Credit card numbers
  • Email addresses
  • Travel details

What is a phishing attack?

Due to the massive number of email addresses exposed, anyone who has purchased an EasyJet flight should now be wary of communications they receive from the company. Phishing is a common scheme in which someone poses as a trusted party (in this case EasyJet) in an attempt to steal personal information such as credit card numbers and other personal data. Online scams, including instances of phishing, have risen exponentially during the COVID crisis. In April, Google reported 18 million daily malware and phishing emails related to COVID-19.

Generally speaking, phishing emails might include:

  • Claims a company has noticed suspicious activity on your account
  • A refund or coupon offer
  • A request for you to confirm personal info
  • A fake invoice

Things to watch out for:

  • High sense of urgency
  • No personalization
  • Poor spelling/grammar

Here is detailed information on how to spot a phishing scam.

If you suspect a phishing attempt following these measures, don’t reply to the email, hand out personal information, click on any links, or download attachments. You can contact the company’s support team to verify if the email is legitimate.

Looking for more info?

Visit our online safety hub for the latest breach report and a complete guide to staying secure on the internet.

    Dashlane

    Dashlane is a mobile and desktop app that gives you a shortcut for everything you do online. Log in instantly, fly through forms, and breeze through checkouts on every device you own.

    Read More