Cybersecurity Threat Report for May 20th, 2020
Briefing
More information has surfaced about the Data Breach that has impacted the UK based air-line, EasyJet. According to Thomas Brewster of Forbes magazine, “The airline has seen no evidence that the information has been misused.” To date the following agencies have been notified.
- The Information Commissioners Office
- The National Cybersecurity Centre
Thomas goes on to state, “EasyJet confirmed that the attacker was accessing customer data between October 17th, 2020 and March 4th, 2020. The actor was inside the airline’s systems for more than four months. EasyJet became aware of the unusual activity in January 2020 and launched an immediate investigation with the support of forensic investigators.”
HelpNetSecuritys Zeljka Zorz has learned that EasyJet feels the actors were after intellectual property.
We warn our readers that Intellectual property has a broad meaning. We consider this merely a companies data no matter the level of confidentiality that is associated with it.
The VTN News Networks is reporting that customers are frustrated by the lack of the companies response.
Scope
9 million customers
Application
Unknown
Impact
The exfiltration of the emails and travel records of 9 million customers. As stated, an additional 2,200 credit cards were also lifted in the attack.
Attack Vector
Unknown
Mitigation Efforts
Remains unknown as of this press release.
Customer Notification
Notification will take place on or before May 26th.
Sources
- Forbes, EasyJet Hacked for Four Months, Data on 9 Million Customers And 2,200 Credit Cards Stolen.
- HelpNetSecurit, EasyJet Data Breach: 9 Million Customers Affected”.
- VTN News Networks, EasyJet hack, “I’ve been left in complete limbo”
Hits: 90
Responses