Show vulnerabilities with patch / with exploit
28 May 2020

EasyJet faces £18 billion class-action lawsuit after customer data breach


EasyJet faces £18 billion class-action lawsuit after customer data breach

An £18 billion group class action lawsuit has been filed against UK budget airline EasyJet by customers impacted by a recently-disclosed data breach.

The lawsuit has been filed under the Data Protection Act 2018, and PGMBM, a law firm which has issued a class-action claim, is claiming up to £2,000 per affected customer, taking the total claim to £18 billion.

"EasyJet announced on the 19th May 2020 that sensitive personal data of 9 million travellers had been exposed in a data breach. Despite notifying the UK’s Information Commissioner’s Office of the breach in January 2020, EasyJet waited four months to notify its customers," the firm said.

"The sensitive personal data leaked includes full names, email addresses and most disturbingly of all, travel data including departure dates, arrival dates and booking dates. In particular, the exposure of details of individuals’ personal travel patterns may pose security risks to individuals and is a gross invasion of privacy.”

Earlier this month EasyJet revealed that the personal data of nine million customers leaked online due to a “highly sophisticated cyber-attack.”

At the time, the company said 2,208 credit card details were accessed by hackers, though the company insists that passport details of customers were not compromised.

However, in email informing customers about the breach the company admitted that the hackers also got access to their entire itineraries, including “where you were travelling from and to, your departure date, booking reference number, the booking date and the value of the booking.”


Back to the list

Latest Posts

Weekly security roundup: July 13, 2020

Weekly security roundup: July 13, 2020

A short overview of last week's top stories in the world of cyber security.
13 July 2020
Hackers are attempting to exploit recent Citrix vulnerabilities

Hackers are attempting to exploit recent Citrix vulnerabilities

Citrix downplayed the impact of the vulnerabilities and said they are less likely to be exploited compared to CVE-2019-19781.
13 July 2020
Zoom patches critical bug affecting Zoom client for Windows

Zoom patches critical bug affecting Zoom client for Windows

The company has also released a planned update for Phone and Web users, which brings AES-256 bit encryption.
13 July 2020