Main menu

Cyber Security Incident

 

 

 

Be alert to phishing emails

 

Customers should always be alert to any unsolicited emails they receive. 

There are some simple steps you can take to help you stay safe online: 

  • Do not open emails or attachments if you have any questions on the source
  • Make sure you know who you are dealing with before disclosing any personal information online
  • Always check links before clicking on them – you can do this by hovering over the link to see whether the source is recognisable. Do not click any link if you are unsure

 

Also, please note, easyJet will never contact you unprompted to ask for your account details or security information, and we will never ask you to disclose your passwords, or to change your passwords on your easyJet account. 

For more information and tips, please visit https://ico.org.uk/your-data-matters/your-data-matters-blog 

 

 

Below you can find out more about what has happened, how we are responding, how you may be impacted and other additional information which will be helpful to you.

 

What has happened?

 

We have informed our customers that easyJet has been the target of an attack from a highly sophisticated source.

As soon as we became aware of the attack, we engaged forensic experts to investigate the issue and notified the National Cyber Security Centre. We also notified the Information Commissioner’s Office (ICO).

 

What does this mean for me?

 

A forensic investigation found that the names, email addresses and travel details of approximately 9 million customers were accessed.

In addition to the above, the investigation also found that the credit card details of 2,208 customers were accessed. Action has already been taken to contact all these customers and they have been offered support.  There is no evidence that any personal information of any nature, including credit card data, has been misused.

 

What do you mean by travel details?

 

Travel details are those details that you input when booking a flight or holiday, such as your name, email address, origin airport and your destination, and departure date.  It does not include financial details and passport information. These were not accessed.

 

How will customers know if they’ve been affected?

 

We have contacted the 9 million customers who have been impacted. If you have not been contacted, then your information has not been accessed.

 

Is this a different breach to the one you told me about in April 2020?

 

No. In April, we notified a small group of customers whose credit card details had been impacted. Over this time, we have been working closely with the ICO and following those discussions we have notified other customers impacted by this incident, particularly in light of the increased risk of phishing emails since the outbreak of Covid-19. If you have not heard from easyJet directly, your information is not affected by the incident.

 

When did you find out that your systems had been compromised?

 

We became aware of potential unusual activity in late January 2020 and launched an immediate investigation with the support of forensic experts.

 

When and how did you first notify people?

 

In April, we notified a small group of customers whose credit card details had been impacted. Since this time, we have been working closely with the ICO and, we are now notifying other customers impacted by this incident, particularly in light of the increased risk of phishing emails since the outbreak of Covid-19.

 

Why didn’t you tell me earlier?

 

This was a highly sophisticated attacker.  It took time to understand the scope of the attack and to identify who had been impacted.  We could only inform people once the investigation had progressed enough that we were able to identify whether any individuals have been affected, then who had been impacted and what information had been accessed.  

In April, we notified a small group of customers whose credit card details had been impacted and offered them support including a dedicated helpline and monitoring.

Over this time, we have been working closely with the ICO and, following those discussions, we are now notifying other customers impacted by this incident. This is particularly in light of the increased risk of phishing emails since the outbreak of Covid-19.

 

What does this mean for my passport details?

 

Based on a thorough investigation, there is no evidence that passport details were accessed.

 

Has my password been impacted by this incident?

 

Passwords have not been impacted by this incident.

 

Can you be certain that no financial information has been accessed?

 

The investigation found that the credit card details of 2,208 customers were accessed. Action has already been taken to contact all these customers and they have been offered support. There is no evidence that any personal information of any nature, including credit card data, has been misused.

 

Could someone have edited my booking whilst they were in your system?

 

No.  Bookings have not been affected.

 

Is my easyJet plus card data secure?

 

These are handled by one of our partners which was not the target of the attack.

 

Is my easyJet prepaid money card secure?

 

These are handled by one of our partners which was not the target of the attack.

 

Is your system now secure?

 

We’ve shut out the attacker and bolstered our defences to further enhance our systems security.

 

What support is available if I have been affected?

 

We are advising customers to continue to be alert as they would normally be, especially should they receive any unsolicited communications. We also advise customers to be cautious of any communications claiming to be from easyJet or easyJet holidays.  Customers can also find further advice at www.actionfraud.police.co.uk.

 

Are you providing compensation if I have been affected?

 

Apart from the very small subset of customers who we have already notified, no credit card details have been impacted.  We therefore do not expect there to be any financial loss caused by this incident.  We are advising customers to continue to be alert as they would normally be, especially should they receive any unsolicited communications.

 

What impact has this had on your flights?

 

There is no operational impact. Obviously like all airline companies, easyJet operations have been adversely impacted by the coronavirus. 

 

Is your app secure?

 

The app has not been affected by this incident and customers can use it as normal. 

 

Do I need to reset my password details? 

 

As normal, customers should continue to be alert and it is good practice to reset passwords on a regular basis. You can find out how to do this on easyjet.com in “Reset my password”.

 

My friend/family booked a holiday for me/made a group booking. Is my data compromised? 

 

We have contacted all customers who have been impacted.  If you have not heard from easyJet directly, your information is not affected by the incident.

 

I have booked through a third party and not directly with easyJet. Am I affected?

 

We have contacted all customers who have been impacted.  If you have not heard from easyJet directly, your information is not affected by the incident.

 

What have you done to improve security since the breach?

 

Our cyber security is an issue we take very seriously.  We’ve bolstered our defences to further enhance our systems security. This is an evolving threat and every business must continue to stay agile to stay ahead of the threat.  We will continue to invest in protecting our customers, our systems, and our data.

 

Why should I trust booking with you?

 

We take the safety and security of customer information very seriously. With the systems improvements we have now made, we have bolstered the defences of our entire system.

 

If I book with you, are they putting their data at risk? 

 

We take the safety and security of customer information very seriously. With the systems improvements we have now made, we have bolstered the defences of our entire system.

 

What is your advice now?

 

We are advising customers to continue to be alert as they would normally be, especially should they receive any unsolicited communications. We also advise customers to be cautious of any communications claiming to be from easyJet or easyJet holidays.

Please see the top of this page for further advice. 

 

Have you reported the incident to the Police? Is there a criminal investigation underway?

 

As soon as we became aware of the attack, we engaged forensic experts to investigate the issue and notified the National Cyber Security Centre. We also notified the Information Commissioner’s Office.

 

easyJet holidays

 

 

Has my easyJet holidays booking been affected?

 

This incident had no operational impact on easyJet holidays. Obviously like all holiday companies, easyJet holidays operations have been adversely impacted by the coronavirus.

 

Has my personal information from my easyJet holidays account been compromised?

 

A small number of customers from easyJet holidays were impacted by this breach.  Those customers impacted have been contacted directly by easyJet. 

 

What should I do now?

 

We are advising customers to continue to be alert as they would normally be, especially should they receive any unsolicited communications. We also advise customers to be cautious of any communications purporting to come from easyJet or easyJet Holidays.

For further information you email us at infoalert@easyjet.com. You can also find general advice at www.actionfraud.police.co.uk.