This story is updated on May 24, 2020
- easyJet data breach victims already filed a class action law suit to sue airline for up to £2,000 in compensation.
- The court has already accepted the case and if you suffered from easyJet data breach.
- We advise to act fast and submit request for free evaluation, so you can join the class action.
Data breach incident happened in 2019, but was only detected in January 2020 when EasyJet airline identified some suspicious activity. EasyJet reported a data breach to include email addresses, travel details, for some customers even credit card information was compromised. Case was reported to the UK's Information Commissioner's Office (ICO).
Large Impact of EasyJet data breach (high risk of phishing attacks)
As a result of the data incident, the 9 million people's personal information, to include email addresses, travel records were compromised. More than 2 thousand customers’ credit card details were compromised.
Stolen credit card data included credit card CVV code (three digital security codes), which is sensitive information that may allow bad actors to undertake fraudulent transactions.
Airline notified those passengers, whose credit card details were leaked, in April 2020.
According to EasyJet “This was a highly sophisticated attacker. It took time to understand the scope of the attack and to identify who had been impacted", as reported by BBC.
Airline informed passengers once investigation had progressed enough that the airline identified the scope of the breach and affected passengers.
The impact of the data breach could be far-reaching since EasyJet is the largest airline in the United Kingdom and flew 96.1 million passengers in 2019 alone. Those seven million passengers whose data may be compromised may be exposed to phishing attacks. Phishing is when bad actors send emails with links to fake websites that attempt to steal personal data, which results in identity theft and fraud.
EasyJet said it is committed to inform all affected passengers about such potential risks.
EasyJet stated that:
"there is no evidence that any personal information of any nature has been misused, however, on the recommendation of the UK's Information Commissioner's Office, we are advising customers to be cautious of any communications purporting to come from EasyJet or EasyJet Holidays."
In response to the breach, the ICO (the ICO is the UK's independent body that protects individuals’ information rights) said that it was investigating the data incident and that
"People have a right to expect that organisations will handle their personal information securely and responsibly. When that doesn't happen, we will investigate and take robust action where necessary."
Interesting stats according to recent surveys:
“1 out of 2 victims are notified by companies of data breach. On average it takes approx. 185 days for companies to react to data breach, so companies are slow to identify and respond to data incidents. if you have not been notified about data breach, it does not guarantee you were not affected.”
So our experts at DataClaim recommend you to check with airlines and ICO (contact details below) and follow our checklist below to remain on the safe side.
EasyJet data breach puts 7 million passengers at risk of phishing attacks
With email information and travel records compromised passengers are exposed to increased risk of phishing attacks, since many people are cancelling flights due to COVID 19 and related restrictions. Fraudsters can set up a clone website, example EaseJet.com which will look very similar to the original website with the goal to elicit any more personal information (name, login details, credit card details).
What does it mean for you? If you ever flown with EasyJet, you should:
- be very careful when you open and/or check any emails that come from the airline and you should check the sender information.
- In case of doubt, we advise to create a new email or call the airline. This way you can reduce the risk.
- Never click on any links asking for your personal information.
- If you want to contact EasyJet airlines, you can refer to contact details below and in sources.
UK Airlines recent exposure to data security breaches
Not too long ago, British Airways had suffered a massive data breach in 2018, where personal information of half a million passengers was compromised. As a result British Airways received a record fine of £183 million, notably data breach compensation payouts to passengers could peak at £3 billion.
Example with British Airways shows that sometimes companies may not identify the full scope of the data breach, where BA initially reported 380,000 people affected by breach, which later was increased to half a million. So this might hold true in this case as well.
If you are a victim of British Airways data breach, submit a request for free evaluation. You might be owed up to £2,000.
EasyJet Potential Liability for a Data Breach
Under GDPR (General Data Protection Regulation), if EasyJet is proved to have mishandled passengers’ personal data, the airline could face a fine of up to 4% of its annual worldwide turnover.
In addition to penalties, airlines if found guilty may be liable to pay compensation to passengers whose personal information was compromised.
EasyJet Data Breach: Can I Claim up to £2,000 in Compensation under GDPR?
The GDPR allows for private claims for compensation, so there is a legal ground to bring a data breach compensation claim.
While there is no determination of negligence on part of the airline yet, it is quite likely. In such a case any affected passenger can bring a claim for compensation even in absence of economic damages. DataClaim can help you claim compensation risk-free.
EasyJet Data Breach: How much compensation can I claim?
It depends and will be decided by the judge depending on your case and any inconvenience or losses suffered. Our estimate that compensation can be up to £2,000 or higher, if you suffered any identity theft, fraud or other losses.
EasyJet Data Breach what to do - Top 13 things to do (checklist)
If you were affected by EasyJet data breach, here is what you should do:
- Request to freeze credit card and get a new one, if the airline informed you that your credit card details were compromised
- Change login and password for your EasyJet Flight Club or EasyJet Holidays profiles
- If you use the same login and password for other accounts or bank accounts, change account access credentials
- Use double authentication
- Inform your bank or credit card company on increased risk of fraud
- Check your bank account and credit card statements for suspicious activity
- Don’t open unsolicited email from airline
- Never click on any links in unsolicited email
- Report any suspicious activity to airline (contact details below)
- Submit a data breach complaint to ICO here
- Keep any receipts of any of your expenses or any records of inconvenience or distress suffered
- If the airline offers you anything, consider accepting it, BUT do it without waiver of your rights to bring a claim for compensation
- Submit a request to DataClaim for free assessment of your claim. Don’t miss a chance to claim compensation up to £2,000 or more
If you have received a data breach notice from EasyJet, or you think your data might have been compromised, or you noticed suspicious activity, this indicates that you are likely a victim of data breach and you may be entitled to claim compensation up to £1,000 or more. Please submit your case as soon as possible, so we can investigate this for a potential compensation claim against
EasyJet Airline Contact details
EasyJet telephone numbers (website link in sources)
United Kingdom Call 0330 365 5000
Austria Call 0820 320 950
Croatia Call 0601 90199
Denmark Call 458988 1032
France Call 0806141141
Germany Call 03021782171
Greece Call 211198 0013
Israel Call 97237630561
Italy Call 199201 840
Portugal Call 70750 0176
Mon-Fri: 09:00-17:00 (local time)
Spain Call 902599 900
Switzerland Call 0848 282828
Netherlands Call 0900 040 1048
Rest of World Call +44330 3655454
UK's Information Commissioner's Office (ICO) contact details:
Your can submit a complaint online link in sources belowYou can also call ICO on 0303 123 1113 or get in touch via live chat