A couple of months back, my credit card provider replaced my card out of the blue. The reason was not divulged, but the list of possible reasons given was a data breach.
Now we find out that EasyJet has been compromised.
Budget airline easyJet has been the target of a “highly sophisticated” cyber attack, with more than 2,000 passenger credit cards placed at risk.
The airline said an investigation found that email addresses and the travel details of approximately 9million customers have been accessed by a third party fraudulent company.
The airline has closed off the unauthorised access, however it said personal details, including card details, may have been compromised.
Here we go again. I guess I’ll be getting scam emails claiming that I’ve been accessing “XXX” sites with my EasyJet password in the opening line and they have the video to prove it, so please send money to this bitcoin address. The answer will be fuck off as is usual with scammers and spammers.
I’ve changed the password of course. That said, the breach happened in January according to the BBC, which was about the time I got my new card. So why weren’t we given the opportunity to change passwords at that time?
It added that it had gone public now in order to warn the nine million customers whose email addresses had been stolen to be wary of phishing attacks.
It said that it would notify everyone affected by 26 May.
“We take issues of security extremely seriously and continue to invest to further enhance our security environment,” it said in a statement.
Not seriously enough, it would seem.
I don’t suppose it would be businesslike to write saying “we don’t give a toss about your security but thought we’d better show willing”. Me? Cynical? Noooo!
EasyJet did tell the banks, credit due for that. Regarding not telling public, I suspect Gov’t ICO told them not to until their investigation concluded
On the subject of data abuse, 8am Radio 4 news the company responsible for recruiting X,000 track and trace operatives have apologised for releasing the data of thousands of (their?) employees.
I was already apprehensive about the quality of these hastily recruited and trained people (not to mention what quasi legal powers they might have).
Now the organisation itself has fallen at the first hurdle.