25:
157:
that they were only able to notify customers whose details (credit card or email addresses) were stolen in April 2020. EasyJet told BBC "This was a highly sophisticated attacker. It took time to understand the scope of the attack and to identify who had been impacted". They also said "We could only
175:
attacks and that it would notify everybody by 26 May. Passengers whose credit card details were accessed were notified in April. They did not reveal details of the attack but said it seemed to be aimed at "company intellectual property" rather than information that could be used in identity theft.
186:
The
Information Commissioner's Office said they were investigating. The ICO said "People have a right to expect that organisations will handle their personal information securely and responsibly. When that doesn't happen, we will investigate and take robust action where necessary".
158:
inform people once the investigation had progressed enough that we were able to identify whether any individuals have been affected, then who had been impacted and what information had been accessed".
141:
EasyJet first learned of the cyberattack at the end of
January 2020. Approximately nine million people were affected with the credit card details of 2,208 also accessed. EasyJet notified the
628:
179:
EasyJet was not obliged to notify passengers whose basic booking details were compromised but they announced the details because of an increase in phishing attacks during the
562:
482:
406:
287:
452:
332:
513:
663:
618:
447:
432:
995:
608:
613:
437:
180:
396:
42:
142:
193:
requires companies to store personal details securely and EasyJet could face fines from the ICO of 4% of the airlines' turnover in 2019.
824:
442:
528:
358:
325:
1010:
874:
108:
89:
202:
61:
638:
391:
46:
171:
EasyJet said they had gone public to notify the nine million customers whose email addresses had been accessed to beware of
68:
538:
353:
318:
720:
523:
462:
587:
75:
1005:
710:
582:
467:
457:
35:
819:
503:
281:
279:
277:
275:
273:
271:
269:
57:
658:
765:
700:
572:
886:
770:
487:
862:
680:
508:
472:
416:
970:
543:
477:
1000:
949:
730:
401:
165:
82:
803:
798:
685:
603:
567:
695:
623:
892:
725:
670:
577:
292:
844:
715:
989:
965:
808:
780:
161:
The affected data covers flight bookings made from 17 October 2019 to 4 March 2020.
775:
675:
633:
242:
240:
238:
850:
518:
236:
234:
232:
230:
228:
226:
224:
222:
220:
218:
126:
24:
248:
838:
755:
745:
904:
856:
690:
386:
933:
880:
868:
832:
533:
252:
172:
740:
928:
898:
750:
735:
310:
130:
790:
705:
760:
190:
153:
EasyJet publicly revealed the attack in May 2020. They told the
314:
288:"EasyJet hack: what does it mean for me and my personal data?"
154:
18:
958:
942:
921:
914:
817:
789:
651:
596:
555:
496:
425:
379:
372:
49:. Unsourced material may be challenged and removed.
563:Munster Technological University ransomware attack
453:Waikato District Health Board ransomware attack
514:Anonymous and the Russian invasion of Ukraine
326:
8:
483:National Rifle Association ransomware attack
407:United States federal government data breach
249:"EasyJet admits data of nine million hacked"
164:The stolen credit card details include the
129:on the computer systems of British airline
918:
448:Health Service Executive ransomware attack
376:
333:
319:
311:
145:while they were investigating the breach.
109:Learn how and when to remove this message
438:Ivanti Pulse Connect Secure data breach
214:
183:. Passport details were not accessed.
619:Ukrainian cyberattacks against Russia
397:European Medicines Agency data breach
7:
47:adding citations to reliable sources
614:Change Healthcare ransomware attack
443:Colonial Pipeline ransomware attack
14:
143:Information Commissioner's Office
996:Cybercrime in the United Kingdom
433:Microsoft Exchange Server breach
203:2018 British Airways cyberattack
23:
639:IRLeaks attack on Iranian banks
247:Wakefield, Jane (19 May 2020).
34:needs additional citations for
1:
634:Fur Affinity domain hijacking
539:Shanghai police database leak
529:Costa Rican ransomware attack
286:Calder, Simon (19 May 2020).
463:Kaseya VSA ransomware attack
588:British Library cyberattack
578:Insomniac Games data breach
1027:
583:Polish railway cyberattack
468:Transnet ransomware attack
458:JBS S.A. ransomware attack
392:Twitter account hijacking
346:
1011:Cyberattacks on airlines
524:DDoS attacks on Romania
16:Cyberattack on EasyJet
863:Account pre-hijacking
609:Kadokawa and Niconico
509:Red Cross data breach
58:"EasyJet data breach"
534:LastPass vault theft
504:Ukraine cyberattacks
417:Vastaamo data breach
341:Hacking in the 2020s
43:improve this article
629:Trump campaign hack
545:Grand Theft Auto VI
412:EasyJet data breach
123:EasyJet data breach
731:IT Army of Ukraine
573:MOVEit data breach
402:Nintendo data leak
363:2030s →
166:card security code
1006:Computer security
983:
982:
979:
978:
804:maia arson crimew
799:Graham Ivan Clark
664:associated events
647:
646:
604:XZ Utils backdoor
568:Evide data breach
488:Banco de Oro hack
367:
366:
181:COVID-19 pandemic
119:
118:
111:
93:
1018:
919:
624:2024 WazirX hack
473:Epik data breach
377:
349:
348:
335:
328:
321:
312:
305:
304:
302:
300:
283:
264:
263:
261:
259:
244:
149:Public admission
114:
107:
103:
100:
94:
92:
51:
27:
19:
1026:
1025:
1021:
1020:
1019:
1017:
1016:
1015:
986:
985:
984:
975:
954:
938:
910:
822:
820:vulnerabilities
813:
785:
671:Anonymous Sudan
643:
592:
551:
492:
421:
373:Major incidents
368:
342:
339:
309:
308:
298:
296:
293:The Independent
285:
284:
267:
257:
255:
246:
245:
216:
211:
199:
151:
139:
115:
104:
98:
95:
52:
50:
40:
28:
17:
12:
11:
5:
1024:
1022:
1014:
1013:
1008:
1003:
998:
988:
987:
981:
980:
977:
976:
974:
973:
968:
962:
960:
956:
955:
953:
952:
946:
944:
940:
939:
937:
936:
931:
925:
923:
916:
912:
911:
909:
908:
902:
896:
890:
884:
878:
872:
866:
860:
854:
848:
845:PrintNightmare
842:
836:
829:
827:
815:
814:
812:
811:
806:
801:
795:
793:
787:
786:
784:
783:
778:
773:
771:Sakura Samurai
768:
763:
758:
753:
748:
743:
738:
733:
728:
723:
718:
716:GnosticPlayers
713:
708:
703:
698:
693:
688:
683:
678:
673:
668:
667:
666:
655:
653:
649:
648:
645:
644:
642:
641:
636:
631:
626:
621:
616:
611:
606:
600:
598:
594:
593:
591:
590:
585:
580:
575:
570:
565:
559:
557:
553:
552:
550:
549:
541:
536:
531:
526:
521:
516:
511:
506:
500:
498:
494:
493:
491:
490:
485:
480:
478:FBI email hack
475:
470:
465:
460:
455:
450:
445:
440:
435:
429:
427:
423:
422:
420:
419:
414:
409:
404:
399:
394:
389:
383:
381:
374:
370:
369:
365:
364:
361:
356:
347:
344:
343:
340:
338:
337:
330:
323:
315:
307:
306:
265:
213:
212:
210:
207:
206:
205:
198:
195:
150:
147:
138:
135:
117:
116:
31:
29:
22:
15:
13:
10:
9:
6:
4:
3:
2:
1023:
1012:
1009:
1007:
1004:
1002:
999:
997:
994:
993:
991:
972:
969:
967:
966:Cyclops Blink
964:
963:
961:
957:
951:
948:
947:
945:
941:
935:
932:
930:
927:
926:
924:
920:
917:
913:
906:
903:
900:
897:
894:
891:
888:
885:
882:
879:
876:
873:
870:
867:
864:
861:
858:
855:
852:
849:
846:
843:
840:
837:
834:
831:
830:
828:
826:
821:
816:
810:
807:
805:
802:
800:
797:
796:
794:
792:
788:
782:
781:Wizard Spider
779:
777:
774:
772:
769:
767:
764:
762:
759:
757:
754:
752:
749:
747:
744:
742:
739:
737:
734:
732:
729:
727:
724:
722:
719:
717:
714:
712:
709:
707:
704:
702:
699:
697:
694:
692:
689:
687:
684:
682:
679:
677:
674:
672:
669:
665:
662:
661:
660:
657:
656:
654:
650:
640:
637:
635:
632:
630:
627:
625:
622:
620:
617:
615:
612:
610:
607:
605:
602:
601:
599:
595:
589:
586:
584:
581:
579:
576:
574:
571:
569:
566:
564:
561:
560:
558:
554:
548:
546:
542:
540:
537:
535:
532:
530:
527:
525:
522:
520:
517:
515:
512:
510:
507:
505:
502:
501:
499:
495:
489:
486:
484:
481:
479:
476:
474:
471:
469:
466:
464:
461:
459:
456:
454:
451:
449:
446:
444:
441:
439:
436:
434:
431:
430:
428:
424:
418:
415:
413:
410:
408:
405:
403:
400:
398:
395:
393:
390:
388:
385:
384:
382:
378:
375:
371:
362:
360:
357:
355:
352:←
351:
350:
345:
336:
331:
329:
324:
322:
317:
316:
313:
295:
294:
289:
282:
280:
278:
276:
274:
272:
270:
266:
254:
250:
243:
241:
239:
237:
235:
233:
231:
229:
227:
225:
223:
221:
219:
215:
208:
204:
201:
200:
196:
194:
192:
188:
184:
182:
177:
174:
169:
167:
162:
159:
156:
148:
146:
144:
136:
134:
132:
128:
124:
113:
110:
102:
91:
88:
84:
81:
77:
74:
70:
67:
63:
60: –
59:
55:
54:Find sources:
48:
44:
38:
37:
32:This article
30:
26:
21:
20:
776:ShinyHunters
676:Berserk Bear
547:content leak
544:
411:
297:. Retrieved
291:
256:. Retrieved
189:
185:
178:
170:
163:
160:
152:
140:
122:
120:
105:
99:October 2021
96:
86:
79:
72:
65:
53:
41:Please help
36:verification
33:
851:FORCEDENTRY
791:Individuals
711:Ghostwriter
519:Viasat hack
127:cyberattack
990:Categories
839:Thunderspy
756:OceanLotus
746:LightBasin
696:DarkMatter
209:References
69:newspapers
1001:EasyGroup
971:Pipedream
905:Sinkclose
857:Log4Shell
825:disclosed
823:publicly
721:Guacamaya
691:Cozy Bear
659:Anonymous
387:BlueLeaks
137:Discovery
950:Predator
934:Drovorub
893:Terrapin
881:LogoFAIL
875:Downfall
869:Retbleed
833:SMBGhost
809:Kirtaner
766:Sandworm
741:Lapsus$
701:DarkSide
681:BlackCat
359:Timeline
253:BBC News
197:See also
173:phishing
929:Adrozek
915:Malware
899:GoFetch
751:LockBit
736:Killnet
726:Hafnium
131:EasyJet
83:scholar
907:(2024)
901:(2024)
895:(2023)
889:(2023)
887:Reptar
883:(2023)
877:(2023)
871:(2022)
865:(2022)
859:(2021)
853:(2021)
847:(2021)
841:(2020)
835:(2020)
818:Major
706:Dridex
652:Groups
299:20 May
258:20 May
125:was a
85:
78:
71:
64:
56:
761:REvil
354:2010s
90:JSTOR
76:books
959:2022
943:2021
922:2020
686:Clop
597:2024
556:2023
497:2022
426:2021
380:2020
301:2020
260:2020
191:GDPR
121:The
62:news
155:BBC
45:by
992::
290:.
268:^
251:.
217:^
168:.
133:.
334:e
327:t
320:v
303:.
262:.
112:)
106:(
101:)
97:(
87:·
80:·
73:·
66:·
39:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.