During the attack, email addresses and travel details were stolen and over 2,000 customers had their credit and debit card details accessed.
A number of customers in the Channel Islands have been sent an email from easyJet chief executive Johan Lundgren.
He apologised for the breach and warned customers to look out for phishing emails, which are emails sent from hackers and scammers purporting to be from legitimate institutions.
In one email to an easyJet customer, he said: ‘As soon as we became aware of the attack, we took immediate steps to manage and respond to the incident, closing off the unauthorised access. We engaged leading forensic experts to investigate the issue and we also notified the National Cyber Security Centre and the Information Commissioner’s Office.
‘Our investigation found that your name, email address, and travel details were accessed for the easyJet flights or easyJet holidays you booked between 17 October 2019 and 4 March 2020. Your passport and credit card details were not accessed, however information including where you were travelling from and to, your departure date, booking reference number, the booking date and the value of the booking were accessed.
‘We are very sorry this has happened.
‘Please be extra careful about phishing attacks. There is no evidence that personal information of any nature has been misused but please do be extra careful if you receive any unsolicited communications, particularly if they claim to be from either easyJet or easyJet holidays.’
He has also issued guidance, warning people not to open emails or attachments if there are any doubts about their source and making sure people know who they are dealing with before disclosing any personal information online
And customers should always check links before clicking on them – this can be done by hovering over the link to see whether the source is recognisable.
Do not click any link if you are unsure.
The chief executive added: ‘Once again, we’re sorry that this attack has happened.
‘We do take the safety and security of our customers’ information very seriously and will continue to take every action to protect it against any future attacks.’
