Cybersecurity Threat Report for May 20th, 2020

Cyber Threat Report for May 20th, 2020


More information has surfaced about the Data Breach that has impacted the UK based air-line, EasyJet. According to Thomas Brewster of Forbes magazine, “The airline has seen no evidence that the information has been misused.” To date the following agencies have been notified.

  • The Information Commissioners Office
  • The National Cybersecurity Centre

Thomas goes on to state, “EasyJet confirmed that the attacker was accessing customer data between October 17th, 2020 and March 4th, 2020. The actor was inside the airline’s systems for more than four months. EasyJet became aware of the unusual activity in January 2020 and launched an immediate investigation with the support of forensic investigators.”

HelpNetSecuritys Zeljka Zorz has learned that EasyJet feels the actors were after intellectual property.

We warn our readers that Intellectual property has a broad meaning. We consider this merely a companies data no matter the level of confidentiality that is associated with it.

The VTN News Networks is reporting that customers are frustrated by the lack of the companies response.


9 million customers




The exfiltration of the emails and travel records of 9 million customers.  As stated, an additional 2,200 credit cards were also lifted in the attack.

Attack Vector


Mitigation Efforts

Remains unknown as of this press release.

Customer Notification

Notification will take place on or before May 26th.


Hits: 203

Related Articles

Secure Data Wiping & Destruction

Data wiping is an important part of business operations and any information security program. For those that have a Written Information Security Program (WISP) it likely includes the procedures and processes for data wiping and scrubbing of files, directories, and physical storage devices.

Cybersecurity Threat Report for May 14th, 2020

GUARDED: indicates a general risk of increased hacking, virus, or other malicious activity. There are 4 other levels. There’s Low, Elevated, High, and Severe.  From the Center for Internet Security, “The potential exists for malicious cyber activities, but no known exploits have been identified, or known exploits have been identified but no significant impact has occurred.”


Your email address will not be published. Required fields are marked *

  • Sign Up
Lost your password? Please enter your username or email address. You will receive a link to create a new password via email.