New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


EasyJet Suffers “Highly Sophisticated Cyber-Attack” Compromising Data of Nine Million

The travel booking company EasyJet announced that they had suffered a data breach recently which affected nine million customers. EasyJet became aware of the attack in January but wanted to be sure they understood the scope of the attack before beginning to notify customers. According to their statement, the email addresses and travel details for nine million customers had been stolen and the credit card details of 2,208 customers had been “accessed.” The “accessed credit card data” included the CVV, or security code, from the back of the card. Currently, few details of the attack have been released by EasyJet other than that it was “a sophisticated cyber-attack” and that their investigation so far indicates that the attackers were primarily targeting EasyJet’s intellectual property over client data. EasyJet plans to notify all impacted customers by May 26th.

Analyst Notes

Travel related businesses are all suffering currently under the travel restrictions caused by the COVID-19 pandemic. This has caused many of these businesses to send out regular emails offering customers discounts on goods and services, or updates on company information. This flood of emails makes for a perfect cover to send phishing emails, especially with an extensive list of customers specific to one company. For this reason, EasyJet set up an information page for their customers on how to spot scam emails claiming to be from EasyJet or EasyJet Holidays. The fact that the attackers appeared to be targeting intellectual property over client information is supported by the fact that such a small number of credit card details were accessed. This would mean that the client details which were accessed were possibly more of a target of opportunity and may end up finding their way to any one of a number of criminal marketplaces. EasyJet customers should be wary of emails from the company and seek to navigate to the EasyJet website on their own rather than blindly trust links from EasyJet emails at this time. More information on this incident can be found at: