EasyJet cyber attack: Chinese hackers suspected of stealing customers credit card details
A CYBER attack which exposed the data of around nine million easyJet customers was reportedly carried out by Chinese hackers, sources have claimed.
EasyJet: Nine million customers' details 'accessed' by hackers
EasyJet confirmed millions of customers had their email addresses and travel details exposed in a "highly sophisticated" cyber attack. The Luton-based airline said credit card details of more than 2,000 passengers were also accessed, along with other personal information such as a customer's name, email address, flight destination and date of travel.
EasyJet insisted there is "no evidence that any personal information of any nature has been misused".
The budget airline first became aware of the data breach in January and reported it to the Information Commissioner's Office (ICO).
According to news agency Reuters, two sources close to the investigation said the hacking tools and techniques used in the January attack pointed to a group of suspected Chinese hackers that has targeted multiple airlines in recent months.
A spokesman for easyJet declined to comment on who was responsible for the attack and Reuters could not determine on whose behalf the hackers were working.
China has repeatedly denied conducting offensive cyber operations and says it is frequently the victim of such attacks.
An easyJet spokesman said: “There is no evidence that any personal information of any nature has been misused, however, on the recommendation of the ICO, we are communicating with the approximately nine million customers whose travel details were accessed to advise them of protective steps to minimise any risk of potential phishing.
"We are advising customers to be cautious of any communications purporting to come from EasyJet or EasyJet Holidays.”
The firm has said customers will be notified if they have been affected by May 26.
The ICO said it was also investigating the attack and urged anyone affected by data breaches to be particularly vigilant for phishing attacks and scam messages.
In a statement, the watchdog said: “People have a right to expect that organisations will handle their personal information securely and responsibly.
“When that doesn't happen, we will investigate and take robust action where necessary."
READ MORE: Coronavirus map LIVE: Cambridge scientists reveal strict lockdown plan
The low-cost airline operates more than 1,000 domestic and international routes to more than 30 countries.
Johan Lundgren, CEO of easyJet, has issued an apology to customers and warned of a heightened risk of online scams during the coronavirus crisis.
Mr Lundgren said: "We would like to apologise to those customers who have been affected by this incident.
"Since we became aware of the incident, it has become clear that owing to Covid-19 there is heightened concern about personal data being used for online scams.
DON'T MISS
Pound to euro exchange rate: GBP struggles to make gains [ANALYSIS]
The Queen’s annual tradition postponed until 2021 due to coronavirus [INSIGHT]
George Eustice sends warning shot to EU after Brexit stalemate [VIDEO]
"As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.”
In 2018 the ICO issued a fine of more than £180million to British Airways (BA) after the credit card details of hundreds of thousands of customers were stolen
BA which is owned by airlines group AIG, is still appealing against a £183.4m fine it received from the watchdog.