In May 2020, airline company EasyJet became the latest company to inform the UK’s Information Commissioner’s Office, that the personal data of nine million of its customers had been stolen by hackers, with over 2,000 customers in this group also having their debit and credit card details accessed.
The company stated that while it first became aware of the attack in January 2020, it took time to understand the scope of the attack and to identify who had been impacted, before the company was able to tell who were the affected customers.
Knowing someone has your information can be really confusing and intimidating, so here area few tips and tricks you can use if you believe you were a victim.
Double check you were definitely a victim
EasyJet and any other company that experiences a data attack, is required to let those people who had their data stolen know. In the case of EasyJet, customers were told by email which of their data was accessed including, names, IP addresses, holidays travelled since October 2019 and, if they were one of the 2,000, if any bank details were taken. All customers affected should have been notified by the 26th May 2020.
Under current GDPR laws in Europe, when a company experiences an attack like this that compromises personal and financial data, they will likely be investigated by a data regulator and fined if found guilty of not putting in place enough security measures in place to prevent the attack.
However, once the company has informed their customers, they are not required by law to give any advice about what to do next.
Change all your passwords immediately
This may seem obvious but the truth is, it is never easy to accept you were the victim of an attack when you can’t physically see the attack happen or, understand its consequences. After all, what can someone do if they have access to your name and IP address?
Yet, with numerous high-profile data breaches occurring over the past few years, vigilance is key. Just think, if someone has your full name, how easy would it be for them to guess your email address? As a result, malicious actors will be sending unsolicited emails and messages in the hope to catch you out.
To make your accounts as strong as possible, and as best practice after a hack, creating a new, strong password is essential. Try to avoid using names that can be easily guessed with a simple search of your online profiles – pets or children, for example. Next, try adding special characters if you can. Capital letters, numbers and symbols are a great way to make your password harder to guess. For instance, instead of ‘Paris’, try ‘PaR1s!’.
If you’re worried about remembering your passwords, you can write them down in a password manager – a platform that stores all your passwords securely. This allows you to create passwords with a great deal more variety than memory alone and will save you having to click ‘forgot your password’ to reset it if you are easily forgetful.
Cancel your cards if your financial data was stolen
At this point in time EasyJet have said there is no evidence that any personal information of any nature has been misused, however, if your financial data was accessed, call you credit card company and ask for new card details to be sent straight away.
It is also recommended to check your bank and credit card statements very carefully for the next few months at least, to make sure you recognise all the purchases.
Finally, it is worth noting fraudsters will no doubt pose as EasyJet, banks, or the authorities and claim to be dealing with this latest breach. They are simply trying to steal personal details themselves. If you see any email requiring you to reset or input your details, especially bank account numbers, do not do so without asking a representative of the company if this is legitimate.
Got any questions? Write a comment in the section below.
Tech Troubleshooting 
2 thoughts