EASYJET DATA BREACH
On 19 May 2020, budget airline EasyJet announced that it had been affected by a serious data breach. Approximately nine million customers had email and travel details stolen. A further 2,208 customers had credit and debit card details compromised, including the 3-digit security code known as the CVV number.
The breach took place in January 2020, meaning it took four months for EasyJet to notify its customers. EasyJet asked victims to ‘please be extra careful about phishing attacks’, stressing the threat that victims face from fraudsters.
BRITISH AIRWAYS DATA BREACH
On 7 September 2018, British Airways announced that their online reservation systems had been accessed by an unauthorised third party, compromising the data of over 420,000 customers.
The breach affected customers who had entered or amended data for their flight bookings on the British Airways website and app between 21 August and 5 September 2018.
Initially, BA was fined £183 million by the Information Commissioner’s Office – a regulator – for the breach. However, in October 2020 a decision was granted to levy the fine, reducing it to £20 million. None of this money will go to the affected customers.