, , , ,

Know the risks & stay safe following the EasyJet data hack

Highly sophisticated hackers have successfully carried out a cyber-attack on the discount airline. The breached information includes the email addresses and travel details of nine million people and the financial details of 2,208 customers. All passengers involved in the EasyJet data hack will be contacted by 26th May at the latest (anyone who has had their financial data compromised has already been told).

If you are informed that your information has been breached, it’s essential that you understand the risks, and what to do to protect yourself.

The risk of phishing

Victims of the EasyJet data hack could be targeted by phishing scammers. Phishing occurs when a cybercriminal poses as a legitimate organisation, the police, or someone else you trust to trick you into handing over sensitive information such as usernames, passwords, financial data, etc.

In particular, EasyJet is advising customers to be cautious of any communications purporting to come from easyJet or easyJet Holidays.

You should also follow these tips to protect yourself from phishing scams:

  • Always question uninvited approaches in case it’s a scam and don’t assume an email or phone call is authentic
  • Know that, just because someone knows your details (such as your name and address or even your mother’s maiden name), it doesn’t mean they are genuine
  • Never disclose security details, such as your PIN or full banking password
  • Don’t click any suspicious links that claim to be from your bank (or anyone else). Always go to the organisation’s website by entering its proper address (or searching for it in Google)
  • Make sure your devices are protected by internet security software and keep this up to date
  • Be aware of common phishing techniques and keep an eye out for fraudsters who attempt to gather additional personal information
  • Listen to your instincts and stop conversations immediately if you are at all worried. A reputable organisation will never stop you from carrying out security checks.

The risk of financial fraud/theft

Over 2,200 customers had their credit card details accessed in the EasyJet data hack. With enough financial information, cybercriminals can set up fraudulent bank accounts and access your existing accounts. They can also make payments using your data, and even apply for credit/loans.

According to the BBC: the “stolen credit card data included the three digital security code – known as the CVV number – on the back of the card itself”. This is especially worrying as it makes it much easier for cybercriminals to misuse card information.

EasyJet warned customers whose credit card details were stolen in early April. If you were told your data was included in this breach and you haven’t already put steps in place to protect your finances, you must do so immediately. This includes:

  • Contacting your bank or credit card provider to let them know your data was violated (you should be issued with a new card and the bank might put additional security steps in place)
  • Keeping an eye on your transactions and contacting your bank or credit card provider immediately if you spot any unfamiliar or suspicious activity
  • Keeping an eye on your credit score for any unexpected dips
  • Contacting all the major credit reference agencies to ensure credit isn’t taken out in your name
  • Understanding that a legitimate bank or other financial organisation will never contact you ask for your PIN or full password, or ask you to move money to another account for fraud reasons
  • Registering with the Cifas protective registration service if you want to put an additional layer of security in place. This will slow down credit applications made in your name with additional verification checks made to ascertain that the applicant is actually you.

In addition, you should look out for phishing scams that attempt to use your financial data against you.

If you experience any financial loss or fraud attempts that you believe are linked to this data breach, please make a note of these and keep any evidence. If you decide to make a data breach claim, we can use this to support your case.

The risk of COVID-19 scams

Because of COVID-19, there is heightened concern about personal data being used for online scams. And hackers will likely try to take advantage of people who are cancelling flights because of the pandemic.

What’s more, people are more susceptible to scams when they are already anxious, and the combination of being hacked and coping with the pandemic is likely to cause additional stress. Hackers may try to take advantage of this, so you must be on your guard.

As well as being careful of any communications that claim to come from easyJet or easyJet Holidays, people should beware in case the data accessed in this hack is used in additional COVID-19 scams. Here are just some of the coronavirus scams you should look out for.

If you are targeted by scams and believe these are linked to this data breach, please note what has happened and keep any evidence. If you decide to make a data breach claim, we can use this to support your case.

The risk of developing/ exacerbating mental health conditions

The impact of data breaches goes much further than financial losses. Many victims go on to suffer from stress, anxiety and distress. Following a robbery, people often feel shock, anger, fear, helplessness and panic. A personal data breach is a 21st-century version of being burgled.

Furthermore, the psychological effects of a data hack might not be immediately apparent. Knowing that your information has been “burgled”, living with the increased risk, and the extra vigilance needed can all cause distress to victims over time.

Renowned clinical psychologist Professor Hugh C. H. Koch is an expert on the typical psychological effects experienced by victims of data breaches. He told us:

“Data breach victims typically experience high levels of anxiety, specific to the data breach but also generalised to other aspects of dealing with correspondence, telephone and digital communication and payment for services. Victims experience social anxiety, with difficulties dealing with friends and neighbours, tradesmen, shopping transactions and can develop oversensitivity or paranoia in their communications with others. They can also develop varying aspects of mood disturbances or depression especially including poor sleep and tearfulness.”

So, following the EasyJet data breach, victims must keep an eye on their emotional wellbeing to ensure that their mental health doesn’t suffer.

Has the EasyJet data hack put you at risk?

At Hayes Connor, we have been contacted by people concerned that EasyJet has breached their data; many of whom are understandably upset and anxious about the breach.

Making things worse, EasyJet took four months to warn customers that hackers had their personal information. So, it is possible that you might have already experienced phishing attempts and financial losses because of the breach. If this has happened to you, we encourage you to let us know.

We are now registering victims of this breach to a no-win, no-fee group litigation action against the airline. Group actions can be a powerful tool and can have a bigger impact than a single claim.

The law understands the damage that can be caused by worry and upset. So today, you can make a compensation claim if you have struggled emotionally following a data breach, even if you have not experienced any financial loss.


To become part of our EasyJet group action, we need you to register with us. This guarantees that you will form part of the compensation claims that will be lodged by us. We will also keep you updated about developments in this case as they happen.

There are no costs to register and no obligation to proceed.