Security experts have warned that the personal details of millions of easyJet customers could be sold on the dark web, after they were “accessed” by hackers during a cyber attack.
Around nine million people were caught up in the breach, of whom over 2,200 had credit card information taken. The budget airline has not revealed the full extent of the breach and it is not yet clear whether the compromised data includes CVV numbers (the three-digit code on the back of credit cards) and expiry dates, which would give hackers freer means to use the cards.
It is also currently unclear how hackers managed to breach the airline’s systems. The company said it is working with the Information Commissioner’s Office (ICO) and National Cyber Security Centre to get a better understanding.
Why was easyJet targeted?
This is not the first time that an airline has suffered a cyberattack; in 2018, cyber-criminals stole payment card details from an estimated 500,000 British Airways passengers. Delta and Cathay Pacific were both targeted the same year.
Netscout, a company which provides application and network performance management products, said that attacks against airlines throughout 2017 and 2018 increased by more than 15,000 per cent, for a number of reasons.
How valuable is personal information to hackers?
When British Airways was hacked, cyber security experts said that customer information would be published on the dark web – a part of the internet not available via traditional search engines that is used to sell personal information, illicit substances, weapons, and other illegal products – and that such details can sell for upwards of £50 in the right circumstances.
However, those numbers are not set in stone, and experts will be able to make more accurate estimations when more information about the hack is revealed.
Who, or what, caused the breach?
The British Airways hack has been attributed to Magecart, a group of hackers who use web-based card skimmers (hidden inside ATMs, fuel pumps, and websites) to steal card information, according to RiskIQ, which published details tracking the British Airways hackers’ strategy.
Malicious individuals could use that information themselves, or use it as a means to get more valuable information by phishing customers – pretending to be a trustworthy body to make their victims hand over more data. By using customer names, mobile numbers, or home addresses, the hackers could pretend to be a building society and attempt to gather more sensitive logins such as banking information, for example.
What should customers do?
Customers who are affected should be contacted by easyJet no later than 26 May, but those who want to be safe should change their easyJet passwords, ensure that they are not using the same password for multiple websites, and monitor their credit cards for suspicious activity.