easyJet confirmed that it has been a victim of data breach, where the hacker gained access to nine million customers’ email addresses and travel details. Additionally, 2,208 credit-card details were also compromised. The company has yet to disclose when and how the breach occurred. It has alerted the UK’s Information Commissioner’s Office and National Cyber Security Centre (NCSC) as well as hired an expert to look into the breach.
Experts Comments
It was a ‘highly sophisticated’ attack, illustrating that cybercriminals are constantly advancing their attack methods.
The airline industry is an extremely attractive target to cybercriminals, as they can collect and store personally identifiable information (PII) on billions of passengers every year, including passport numbers, credit card information, email addresses and much more. In this easyJet incident, millions of passenger email addresses and travel details, along with thousands of credit card numbers were compromised. Although the airline stated that there is no evidence of the data being misused, bad.....Read More
Many people are focusing on the impact this breach has on individuals, but there are much larger organizational or government risks too.
A lot of people are missing the potential big picture impact of the EasyJet breach and the risk it could pose to other enterprise or government organizations. Of course the individuals impacted should heighten their cybersecurity awareness and take steps to further protect themselves – but the organizations these nine million people work for need to be vigilant too. One thing we noticed from past breaches at places like American Airlines and the U.S. Office of Personnel Management is that the .....Read More
If a hack leads to fines and loss of trust that will cost them at a time they really can't afford it.
So many organisations and businesses are facing threats to their very existence at the moment that cyber threats almost pale into insignificance compared to the other challenges. However, cybercriminals will take advantage of anyone taking their eye off the ball and could well be targeting industries and companies they think are struggling, knowing that budgets will be cut and focus will be elsewhere. Staying vigilant to any vulnerabilities that could provide an entry point to these.....Read More
EasyJet have followed correct procedures by notifying the customers who were affected and publicly warning the nine million people.
Airlines are already struggling in the face of the challenges generated by the COVID-19 pandemic so this is more bad news for the industry.
All personally identifiable information can be valuable if it falls into the wrong hands, and in this case credit card details of EasyJet customers were stolen.
It seems like EasyJet have followed correct procedures by notifying the customers who were affected and publicly warning the nine million people whose email addresses had been stolen but if.....Read More
Another proactive step enterprises should take is to replace multi-factor authentication with no-touch authentication.
Now more than ever in the current WFH environment, individuals and enterprises should replace passwords with user identity certificates. PKI-based identity certificates make life much easier for employees by eradicating the burden of remembering, updating, and managing passwords.
Another proactive step enterprises should take is to replace multi-factor authentication with no-touch authentication. Unlike hardware-token multi-factor authentication (MFA), or SMS-based MFA, digital certificates.....Read More
Ensuring an attack of this scale does not happen again requires a concerted effort across all levels of an organisation.
Cyber criminals are opportunistic and immoral, and have increasingly targeted large, small and medium-sized organisations with a plethora of sophisticated scams, malware, phishing and hacking attacks, hoping to capitalise on their weakened state as a result of COVID-19.
Unfortunately, the influx of new and personally-owned devices into an ever-increasing remote workforce has expanded the window of opportunity for cyber attackers – providing them with a much larger range of devices and.....Read More
The EasyJet data breach means millions of customers’ passwords and email addresses have been leaked.
These uncertain times have given rise to a new cadence of cyber attacks facing organisations, and hackers are increasingly targeting vital industries which may have become more vulnerable due to COVID-19. Unfortunately, new remote working conditions combined with IT and security budget constraints, has meant organisations are facing unprecedented levels of cyber attacks.
The EasyJet data breach means millions of customers’ passwords and email addresses have been leaked, and therefore it is.....Read More
Check Point’s UK regional director, Andy Wright
There is enough personal information in the stolen records to make those people targets for identity theft and fraud. Hackers are likely to trade the stolen data as well as trying to trick customers into revealing further personal details using targeted phishing emails.
It’s just a numbers game for hackers, as they can easily send tens of thousands of emails in the hope of tricking a handful of customers. Customers affected should be suspicious of any emails or even phone calls that.....Read More
Easyjet hack underlines need to tie threat alerts to an organisation's risk profile
Not for the first time an airline company has fallen prey to a data breach. The valuable haul of personal information they hold is a magnet for cyber criminals which means, sadly, it probably won’t be the last.
As attackers become more sophisticated and attacks continue to evolve, cyber security teams newly adjusted to remote working are experiencing unusually high levels of threat alerts. Brute force attacks against firewalls, VPNs and Remote Access Servers, in particular, have.....Read More
A major data breach is the last thing the travel sectors needs now
This last thing that the travel industry needed right now was a data breach of this size and scale. However you look at it, nine million customers with their data breached is not a good look and the true cost of this to EasyJet is yet to be revealed. Such breaches occur with depressing regularity now, yet organisations do not seem to think it will happen to them – until it does.
Effective cyber security is not just a question of investing in the latest software, it’s about that combination .....Read More
The use of multi factor authentication and practising proper password hygiene is a necessary step to best avoid account takeovers.
Although not sufficient enough to commit Identity Theft or Financial Fraud on its own, the theft of emails and travel plans could be used to launch phishing campaigns against the affected individuals. Combined with other personal information scraped from public social media profiles, these stolen emails can be customised and crafted to target the individual, thereby increasing the likelihood that the victim will be induced to provide passwords or sensitive account access.
In addition,.....Read More
Affected customers should urgently contact their banks to consider credit card cancellation and re-issue process.
9 million user records and just 2 million credit card details seem to be just a tiny percentage of the total number of EasyJet customers. This may be an indicator that either the attack affected an isolated server or probably a supplier, or that it was quickly detected stopping data exfiltration process of the attackers.
The scant volume of currently disclosed information about the data breach is, however, insufficient to make definitive conclusions about the origins and potential consequences .....Read More
As 9 million customers’ data has been accessed, it is a significant breach.
Transportation as part of critical national infrastructure is a tempting target for nation state threat actors and cybercriminals alike. Whilst EasyJet characterise this attack as coming “from a highly sophisticated source” we’ve yet to see details that corroborate the sophistication or attacker attribution. It may well be the case that, like the British Airways attack, they’ve had a web application compromised which has been used to gain unauthorised access. As 9 million customers’.....Read More
We will most likely see a series of phishing attacks targeting EasyJet customers in the near future.
Passengers have to trust that airlines are securing their Personal Identifiable Information when they book with them, but a breach of this magnitude breaks that trust. In many cases, we are still seeing misconfigurations/human errors commonly used by attackers to exploit victims with misuse of encryption often compounding the effects of human error in each type of breach. Allowing the information of about 9 million customers to be breached is a huge error, especially considering that the credit .....Read More
James Smith
May 20, 2020
Principal Security Consultant and Head of Penetration Testing
Bridewell Consulting
Transparency is key in maintaining customer trust, especially for firms like EasyJet in the travel industry.
At this stage, it’s not clear how the hackers managed to gain access to EasyJet’s systems. However, with the disruption caused by COVID-19, we have seen a notable increase in attackers targeting all sectors, including travel, to take advantage of the reduced resources and focus on cyber security.
Despite the current climate, technical defence is still paramount, and in particular, regular penetration testing is vital, particularly in the current remote environment many business are.....Read More
The airline could face a penalty of up to 4% of its annual worldwide turnover of the preceding financial year.
With the travel industry already facing mounting criticism as thousands of customers struggle to receive refunds in the wake of the coronavirus pandemic, news that nine million EasyJet customers have had their personal information exposed is another damaging blow to the airline.
Although EasyJet has said that there is no evidence any customer data has been misused, the fact that over 2,000 customers have had their credit card details exposed is disastrous. Customers could fall victim to.....Read More
Airlines can be a lucrative target for hackers as they are a treasure trove of personal information.
This is a difficult time for airlines and a data breach isn’t going to help with regaining customers’ trust. EasyJet will quickly need to explain why it has taken so long since January to announce this and why the affected customers have still not been informed. The fact that it has been working with ICO and NCSC is reassuring, and hopefully this will reduce any potential GDPR fines, but either way this is not going to do its business any favours.
Airlines can be a lucrative target for.....Read More
ompanies should follow the principle of least-privileged access when provisioning identity and access management (IAM) permissions.
Airports and airlines are increasingly reliant on technology and the global aviation industry is more connected than ever before, making these companies much more susceptible to cyberattacks. Research from ImmuniWeb found that 97% of the world’s top airports failed the cybersecurity posture test administered by the firm. Unfortunately, this data breach impacting easyJet passengers illuminates how many organizations’ cybersecurity and compliance practices are reactive.
To properly protect.....Read More
Dot Your Expert Comments
Only for registered and approved experts. Please register before providing comments. Register here
Linkedin Message
@Saryu Nayyar, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Conventional cybersecurity products are good at detecting and blocking known threats. But it’s the unknown security threats which are of high risk...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/uk-airline-easyjet-data-breach-impacts-9m-customers-expert-commentary
Facebook Message
@Saryu Nayyar, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Conventional cybersecurity products are good at detecting and blocking known threats. But it’s the unknown security threats which are of high risk...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/uk-airline-easyjet-data-breach-impacts-9m-customers-expert-commentary