Data of 9m EasyJet clients hit in cyber-attack

The airline is asking clients to remain vigilant, especially if they receive unsolicited requests for data verification or other information as they could be the target of phishing emails.

The hackers succeeded in accessing passenger email addresses and travel details, as well as the credit card details of 2,208 passengers. However, no passport details have been hacked.

EasyJet said that all affected customers will be contacted in the coming days, and by May 26, at the latest.

The company has already contacted people whose credit card data had been exposed.

The company apologises and says there are no indications to date that the information has been misused.

EasyJet had been unable to stop the unauthorised access to its computer system and alerted the UK’s cyber security organisation, the National Cyber Security Centre (NCSC) and the UK's data protection regulator (ICO), which are now investigating.

EasyJet’s CEO, Johan Lundgren, said: “We would like to apologise to those customers who have been affected by this incident. Since we became aware of the incident, it has become clear that owing to Covid-19 there is heightened concern about personal data being used for online scams.”