Chinese Hackers Attacked EasyJet

The recent high-profile cyber attack that struck British budget EasyJet may have been carried out by Chinese hackers, new research and multiple sources suggest.

EasyJet has disclosed that a "highly sophisticated cyber-attack" has affected approximately nine million customers admitting that email addresses and travel details had been stolen and that 2,208 customers had also had their credit and debit card details "accessed".

The cyber-attack, which saw the email addresses and travel details as well as the credit card details of more than 2,000 customers, was reportedly conducted by the same Chinese hackers responsible for other attacks on a number of airlines .

“We would like to apologise to those customers who have been affected by this incident,” said EasyJet’s CEO, Johan Lundgren.“As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications,” he told reporters. There is little information available about the identity of the alleged Chinese hackers behind the attack and Chinese official sources ahave declined to answer questions on the subject.  

Anonymous sources who spoke to Reuters, said the hacking tools and techniques used in the cyber-attack incident pointed to a group of Chinese hackers as the culprits and this unnamed group reportedly has an alleged record carrying out malicious cyber-attacks on airline companies. Other sources are reported to have said that the attack appeared to be part of a series by suspected Chinese hackers aimed at the bulk theft of travel records and other data. It is claimed that the hackers have in the past been reponsible for targeting the travel data in order to track the movement of specific individuals, suggestiing espionage as the motive, rather than ransom or fraid.

The hacking tools and techniques used appear similar those used in previous security breach incidents involving other airlines, allowed the Chinese hackers to steal data belonging to some 9 million EasyJet customers. In response to the cyber-attack incident, EasyJet has begun an investigation with the suggestion that the Chinese hackers had been targeting intellectual property, as opposed to data that would assist in identity theft.

The airlines's investigation’s preliminary findings support the claim that the hackers did indeed have a motive for the attack that was more than mere financial gain.

The airline has said that it will have contacted all affected customers by May 26, and that it is advising all users to be wary of phishing attacks in the wake of this security breach.

ICO Investigation

Aside from EasyJet’s internal investigation into the incident, another investigation is being carried out simultaneously, this time by the UK’s Information Commissioner’s Office (ICO) to determine whether the airline itself had not properly protected the personal data of its customers. 

The ICO investigation will likely result in EasyJet facing a heavy fine for the data breach having occurred in the first place, similar fines previusly exacted from both British Airways and Cathay Pacific.

British Airways is in the process of appealing against a £183m penalty that it received from the ICO in 2019 after cyber criminals stole the credit card details of hundreds of thousands of its customers the year before.

Data Stolen by Chinese Hackers

Because of the lack of information the attack itself and the precise motives of the Chinese hackers behind it; it is unknown how the personal information stolen might ultimately be used. According to the UK cyber security firm CybSafe, customers whose personal data has been stolen are most likely to experience targeted phishing attacks or other attempts of fraud. 

Whilst that attack took place in January that airline did not inform the affected customers until 4 minths later, raising widespread criticism of EasyJet's handling of the attack and one consquence is the the formation of a potenial £18 billion legal claim againts the airline.  

Information Commisioner's Office:         CP Magazine:     Reuters:       Security Boulevard:        BBC:  

You Might Also Read:

The BA Hack And How Not To Respond To A Cyber Attack:

Travelex Slowly Recovering From Ransomware Attack:

 

« The History Of The Internet And Its Possible Future
Covid-19 Is Working Well For Criminals »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: Harnessing the power of Security Information and Event Management (SIEM)

ON-DEMAND WEBINAR: Harnessing the power of Security Information and Event Management (SIEM)

Join our experts as they give the insights you need to power your Security Information and Event Management (SIEM).

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Security Affairs

Security Affairs

Security Affairs is a blog covering all aspects of cyber security.

CORDIS

CORDIS

CORDIS is the European Commission's primary public repository and portal to disseminate information on all EU-funded research projects and their results.

MarQuest

MarQuest

MarQuest provides services and systems to enhance network reliability and security.

Cyber Security Research Centre - University of Cardiff

Cyber Security Research Centre - University of Cardiff

Cardiff University's Centre for Cyber Security Research is a leading UK academic research unit for cyber security analytics.

Gate 15

Gate 15

Gate 15 provide risk management services focusing primarily on information, intelligence and threat analysis, operational support and preparedness.

IDnow

IDnow

IDnow is the world’s fastest, most flexible and most secure identity verification platform, delivering instant verification of the identity documents used by 7 billion people.

LEPL Cyber ​​Security Bureau - Georgia

LEPL Cyber ​​Security Bureau - Georgia

The aim of the LEPL Cyber Security Bureau is to create and strengthen stable, efficient and secure systems of information and communications technologies.

Armis

Armis

Armis offers the markets leading asset intelligence platform designed to address the new threat landscape that connected devices create.

Hassans International Law Firm

Hassans International Law Firm

Hassans is the largest law firm in Gibraltar, providing a full range of legal services across corporate and commercial law including Data Protection and GDPR compliance.

Conversant Group

Conversant Group

Conversant Group is an IT infrastructure and security consulting company, providing technical, organizational, procedural, and process consulting internationally.

NewAE Technology

NewAE Technology

NewAE Technology is revolutionizing the hardware security market by making every engineer and designer aware of side-channel power analysis and glitching as important attack vectors.

Mailinblack

Mailinblack

Mailinblack protects your organisation against email threats with an innovative solution that meets your security requirements.

Emerge Digital

Emerge Digital

Emerge Digital is a technology and digital innovation business and Managed Services Provider providing solutions to SMEs.

V2X

V2X

V2X delivers IT support, networking, and cybersecurity solutions that ensure optimal mission support and performance.

Karate Labs

Karate Labs

Karate is an open-source unified test automation platform combining API testing, API performance testing, API mocks & UI testing.

BreachBits

BreachBits

BreachBits are on a mission to deliver world-class cyber risk insights continuously at scale in situations where knowing the true risk truly matters.