Chinese Hackers Attacked EasyJet

Uploaded on 2020-06-08 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

The recent high-profile cyber attack that struck British budget EasyJet may have been carried out by Chinese hackers, new research and multiple sources suggest.

EasyJet has disclosed that a "highly sophisticated cyber-attack" has affected approximately nine million customers admitting that email addresses and travel details had been stolen and that 2,208 customers had also had their credit and debit card details "accessed".

The cyber-attack, which saw the email addresses and travel details as well as the credit card details of more than 2,000 customers, was reportedly conducted by the same Chinese hackers responsible for other attacks on a number of airlines .

“We would like to apologise to those customers who have been affected by this incident,” said EasyJet’s CEO, Johan Lundgren.“As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications,” he told reporters. There is little information available about the identity of the alleged Chinese hackers behind the attack and Chinese official sources ahave declined to answer questions on the subject.  

Anonymous sources who spoke to Reuters, said the hacking tools and techniques used in the cyber-attack incident pointed to a group of Chinese hackers as the culprits and this unnamed group reportedly has an alleged record carrying out malicious cyber-attacks on airline companies. Other sources are reported to have said that the attack appeared to be part of a series by suspected Chinese hackers aimed at the bulk theft of travel records and other data. It is claimed that the hackers have in the past been reponsible for targeting the travel data in order to track the movement of specific individuals, suggestiing espionage as the motive, rather than ransom or fraid.

The hacking tools and techniques used appear similar those used in previous security breach incidents involving other airlines, allowed the Chinese hackers to steal data belonging to some 9 million EasyJet customers. In response to the cyber-attack incident, EasyJet has begun an investigation with the suggestion that the Chinese hackers had been targeting intellectual property, as opposed to data that would assist in identity theft.

The airlines's investigation’s preliminary findings support the claim that the hackers did indeed have a motive for the attack that was more than mere financial gain.

The airline has said that it will have contacted all affected customers by May 26, and that it is advising all users to be wary of phishing attacks in the wake of this security breach.

ICO Investigation

Aside from EasyJet’s internal investigation into the incident, another investigation is being carried out simultaneously, this time by the UK’s Information Commissioner’s Office (ICO) to determine whether the airline itself had not properly protected the personal data of its customers. 

The ICO investigation will likely result in EasyJet facing a heavy fine for the data breach having occurred in the first place, similar fines previusly exacted from both British Airways and Cathay Pacific.

British Airways is in the process of appealing against a £183m penalty that it received from the ICO in 2019 after cyber criminals stole the credit card details of hundreds of thousands of its customers the year before.

Data Stolen by Chinese Hackers

Because of the lack of information the attack itself and the precise motives of the Chinese hackers behind it; it is unknown how the personal information stolen might ultimately be used. According to the UK cyber security firm CybSafe, customers whose personal data has been stolen are most likely to experience targeted phishing attacks or other attempts of fraud. 

Whilst that attack took place in January that airline did not inform the affected customers until 4 minths later, raising widespread criticism of EasyJet's handling of the attack and one consquence is the the formation of a potenial £18 billion legal claim againts the airline.  

Information Commisioner's Office:         CP Magazine:     Reuters:       Security Boulevard:        BBC:  

You Might Also Read:

The BA Hack And How Not To Respond To A Cyber Attack:

Travelex Slowly Recovering From Ransomware Attack:

 

« The History Of The Internet And Its Possible Future
Covid-19 Is Working Well For Criminals »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Gigamon

Gigamon

Gigamon provides intelligent Traffic Visability solutions that provide unmatched visbility into physical & birtual networks without affecting the performance or stability of production environments.

Paladion

Paladion

Paladion is a provider of managed IT security services.

Swiss Re

Swiss Re

Swiss Re Group is a leading wholesale provider of reinsurance, insurance and other insurance-based forms of risk transfer including cyber risk.

Compass Security

Compass Security

Compass Security is a specialist IT Security consultancy firm based in Switzerland. Services include pentesting, security assessments, digital forensics and security training.

Maritime Cybersecurity Center (MCC)

Maritime Cybersecurity Center (MCC)

Maritime Cybersecurity Center is a not-for-profit organization focused on regional cybersecurity excellence and readiness, with a special emphasis on the maritime community.

Hivint

Hivint

Hivint is a new kind of Information Security professional services company enabling collaboration between our clients to reduce unnecessary security spend.

Cybersecurity Competence Center (C3)

Cybersecurity Competence Center (C3)

The Cybersecurity Competence Center was created to further strengthen the Luxembourg economy in the field of cybersecurity.

National Cybersecurity Preparedness Consortium (NCPC)

National Cybersecurity Preparedness Consortium (NCPC)

The mission of the NCPC is to provide research-based, cybersecurity-related training, exercises and technical assistance to local jurisdictions, counties, states and the private sector.

Spohn Solutions

Spohn Solutions

Spohn combines highly-experienced staff with a vendor neutral approach to deliver optimal solutions for IT Security and Compliance.

Silent Sector

Silent Sector

Silent Sector is a cybersecurity services company that specializes in providing a wide range of managed security services.

Buchbinder Information Technology Solutions

Buchbinder Information Technology Solutions

Buchbinder Tunick & Company is a premier CPA and advisory firm offering a broad range of assurance, tax, business consulting and IT consulting services.

VikingCloud

VikingCloud

VikingCloud (formerly Sysnet Global Solutions) offers organizations an integrated cybersecurity and compliance solution to make informed, predictive, and cost-effective risk mitigation and prevention

Polestar Industrial IT

Polestar Industrial IT

Polestar work on both sides of the IT & OT divide. Network, Data & Asset Security is our priority. Polestar installations are robust and resilient and comply with the appropriate security.

Cyber Ranges

Cyber Ranges

Cyber Ranges is the next-generation cyber range for the development of cyber capabilities and the validation of cyber security skills and organizational cyber resilience.

Buzz Cybersecurity

Buzz Cybersecurity

Buzz Cybersecurity systems and services are designed to proactively guard against common and uncommon cyber threats.

Robosoft Technologies

Robosoft Technologies

Robosoft Technologies is a full-service digital transformation partner. We provide end-to-end digital transformation services in areas including cybersecurity.