Share on facebook
Share on google
Share on twitter
Share on linkedin

On 19 May 2020, budget airline EasyJet announced that it had been affected by a serious data breach. Approximately nine million customers had email and travel details stolen. A further 2,208 customers had credit and debit card details compromised, including the 3-digit security code known as the CVV number.

The breach took place in January 2020, meaning it took four months for EasyJet to notify its customers. EasyJet asked victims to ‘please be extra careful about phishing attacks’, stressing the threat that victims face from fraudsters.
The Information Commissioner’s Office recently fined British Airways £183 million after it suffered data loss leaving the seriousness of this type of incident in no doubt.

On May 22 2020, PGMBM filed a claim in the High Court of London on behalf of victims of the breach. Under Article 82(1) of the GDPR, affected customers have a right to receive compensation for distress, inconvenience, annoyance and misuse of personal data. Impacted customers around the world could be entitled to compensation, with EasyJet’s total potential liability as much as £18billion.

To find out more, visit

PGMBM (a trading name of Excello Law Limited) – SRA License Number 512898

Excello Law is authorised and regulated by the Solicitors Regulation Authority and complies with the Solicitors Code of Conduct, a copy of which can be located here.