Power to the People: Why the public are taking action in response to their data being breached by easyJet
easyJet is set to face High Court action in Belfast for the alleged violation of privacy rights, with lawyers representing more than 50 customers beginning a group litigation against the airline.
In May, easyJet announced that it had been the target of a highly sophisticated cyber-attack, with the email addresses and travel details of nine million customers exposed, with more than 2,200 also having their credit card details accessed.
The airline became aware of the breach in January and informed the Information Commissioner’s Office (ICO). The company has stressed however that there is no evidence of personal data being misused.
With Lawyers saying that this is likely the biggest breach in the history of this jurisdiction, easyJet should be very concerned indeed. Not only do they face a massive ICO fine- but being sued by its own customers is unprecedented. Simply put, people have had enough.
Indeed, as the profile of data and its importance continues to rise amongst the general public and the increasing interest from mainstream media in each and every data breach, companies should be expecting more legal proceedings in the aftermath of a breach. The cost of a data breach according to the Ponemon Institute was in 2019 around £3.18million – with an increase in lawsuits from customers this is likely to rise significantly in 2020.
Customers put their trust in organisations to look after their personal information and with lawyers citing this as a “gross failure of responsibility”, this mammoth data breach is not only a financial disaster for the company, but a reputational one as well.
Although fraud is a primary concern for easyJet customers, phishing attacks are also something that they need to look out for as well, with the pandemic providing a perfect opportunity for hackers. Cyber criminals armed with personal information such as email addresses are able to send bogus emails which are supposedly from easyJet. These emails might include an infected attachment which links to a bogus website, with the intention of getting customers to hand over their login details.
Armed with this information, criminals would be able to access details on victims’ accounts, such as their name, address and payment card details. Therefore, customers need to stay vigilant and be extremely wary of opening any emails from companies that have recently had a data breach.
During the pandemic there has been a surge in phishing emails with cyber criminals exploiting the uncertainty surrounding the situation. According to Action Fraud £3.5 million has been scammed out of UK consumers so far. The class-action lawsuit leans on GDPR legislation which gives consumers the right to claim compensation when their information is compromised in security incidents.
If you’re worried about your employees’ ability to identify a scam email, then we can help. Our services give you a clear picture of exactly how prepared your workforce is for a cyberattack. We give companies the right tools to defend themselves and our expert team are always on hand with clear and concise guidance to help keep you and your company safe.