EasyJet cyber attack ‘came from China’.
Budget airline, easyJet, has been targeted in a cyber attack with the details of nine million customers’ personal details reportedly stolen.
Of the nine million affected, it appears 2,200 had their credit card details stolen.
The news of the late January attack is blamed at Chinese hackers after sources confirmed that the hacking tools and techniques used in the breach pointed to a group that has targeted multiple airlines in recent months.
However, in previous attacks, the suspected group targeted travel records and other data to track the movement of specific individuals, as opposed to stealing credit card details for financial gain.
The UK’s Information Commissioner’s Office (ICO) said on Tuesday that it was investigating the cyberattack.
Anyone affected by the hack is advised to be vigilant about phishing attacks and scam messages.
“We have a live investigation into the cyberattack involving easyJet,” the ICO said.
“People have the right to expect that organisations will handle their personal information securely and responsibly. When that doesn’t happen, we will investigate and take robust action where necessary.”
It is likely easyJet will face a hefty fine, similar to how British Airways was fined £183.4m by the ICO for the 2018 data breach where hundreds of thousands of credit card details were stolen.
In April, easyJet secured a £600m loan from the Treasury and Bank of England’s emergency coronavirus fund, after claiming it would run out of cash by the year end regardless.