https://uk.reuters.com/article/uk-easyjet-cyber/easyjet-hit-by-cyber-attack-hackers-access-nine-million-customers-details-idUKKBN22V1J3

Oops

Not good... let's see how it evolves but PCI Data Storage requirements should preclude actual CC info to leak at all...

The leak happened in April and authorities and those affected were notified already back then.

The leak happened in April and authorities and those affected were notified already back then.

"The airline said the personal information of 9 million customers – comprising email addresses and travel details (though not passport information) – was accessed.

Of those affected, 2,208 had credit card details stolen, easyJet said in a statement to the stock market. It first became aware of the attack in January."

EasyJet hacking attack (https://www.theguardian.com/business/2020/may/19/easyjet-hacking-attack-what-to-do-customers)

It happened in January, company found out in April, people and employees were informed straight away, together with authorities.
What I don't get is why the headlines are coming out just now.

It happened in January, company found out in April, people and employees were informed straight away, together with authorities.
What I don't get is why the headlines are coming out just now.
Because there was an official board statement to the markets about it. Which of course sparks press covery, but not much in terms of stock market movement compared to other days in the last three months. As a customer i got an email about it back at the beginning of april iirc.

https://www.standard.co.uk/business/comment-easyjets-hack-was-probably-by-a-state-and-probably-by-china-a4446596.html

Got an email letter about the recent security breach this morning. Was not informed in April about the previous security breach. However, as I did not make any bookings with EZY during the period specified so think that all account holders or customers were notified whether or not information was taken. Now to keep an eye for phishing!

The notifications in April were sent out only to about 2,000 customers who had their credit card details accessed (together with some other information).
The notifications being sent out now are to the other 9 million who had some other information accessed but NOT their credit card details.

The notifications in April were sent out only to about 2,000 customers who had their credit card details accessed (together with some other information).
The notifications being sent out now are to the other 9 million who had some other information accessed but NOT their credit card details.

They got my information re flight bookings, but no credit card details lost (We are told). Email received this morning. Now if only someone could locate the offenders and surgically remove their assets I for one would be pleased.

IG