Page 78 - Cyber Defense eMagazine for July 2020
P. 78
COVID-19 And the Easyjet Hack - A Perfect Phishing
Storm
By Shachar Daniel, Safe-T’s CEO
As if the airline industry didn’t have enough to worry about at the moment, on May 19, EasyJet, the UK’s
biggest budget airline announced it had been breached. Exposed in the attack were the email addresses
and travel information for 9 million customers. A small group of customers also had their credit card
details, including the CVV, exposed in the attack which lasted from October 2019-March 2020.
Although EasyJet first learned about the attack in January, they only began informing those customers
whose credit card information was exposed in April. The airline said they did not disclose the attack earlier
due to the complexity involved in piecing together which systems and which individuals had been
affected. According to the UK's Information Commissioner's Office, “This was a highly sophisticated
attacker. It took time to understand the scope of the attack and to identify who had been impacted."
Bad Timing - COVID-19 and Airline Scams
The EasyJet hack just happens to come at a spectacularly rotten time, as airlines around the world,
EasyJet included, are dealing with severe losses due to COVID-19. According to Dr Jason Nurse of the
Kent Interdisciplinary Research Center, “It is clearly a difficult time for the travel industry considering the
impact of COVID-19 on operations. A cyber-attack is the last thing an airline would want to deal with
now.”
Cyber Defense eMagazine –July 2020 Edition 78
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.