EasyJet Says Cyberattack Exposed Data of 9 Million Customers
upstart writes in with an IRC submission:
EasyJet says cyberattack exposed data of 9 million customers:
UK budget airline EasyJet reported on Tuesday that hackers accessed the email addresses and travel details of more than 9 million customers in a "highly sophisticated" cyberattack. The hackers also accessed the credit card details of 2,208 customers.
The airline in the coming days will contact customers whose details were exposed in the breach. It has already contacted, and offered support to, those whose credit card information was accessed.
[...] As soon as the airline became aware of the attack, it took steps to respond to and manage the incident and engaged forensic experts to investigate the issue, EasyJet said. It also notified the National Cyber Security Centre and the ICO, the UK's data protection watchdog.
"We have a live investigation into the cyber attack involving easyJet," said a spokeswoman for the ICO in a statement. "People have the right to expect that organisations will handle their personal information securely and responsibly. When that doesn't happen, we will investigate and take robust action where necessary."
The ICO will be able to examine whether EasyJet should be fined under Europe's General Data Protection Regulation (GDPR), which is part of UK law.
Read more of this story at SoylentNews.