Skip to main content

EasyJet cyber attack hacks data of nine million customers

Published on: 22 May 2020

Customer's email addresses and travel details were stolen and 2,208 customers have also had their credit and debit card details ‘accessed’.

Stolen credit card data included the three-digit security code - known as the CVV number - on the back of the card itself.

EasyJet have informed the UK’s Information Commissioner’s Office while it investigates the breach. 

EasyJet first became aware of the attack in January. They told the BBC that it was only able to notify customers whose credit card details were stolen in early April. 

The airline said ‘This was a highly sophisticated attacker. It took time to understand the scope of the attack and to identify who had been impacted’.

‘We could only inform people once the investigation had progressed enough that we were able to identify whether any individuals have been affected, then who had been impacted and what information had been accessed.’

EasyJet added that it had gone public now in order to warn the nine million customers whose email addresses had been stolen to be wary and they would notify everyone affected by 26th May.