Skip to main content

EasyJet faces huge class-action lawsuit over data breach

(Image credit: Shutterstock.com / Markus Mainka)

British airline EasyJet could be facing more woes after a huge class-action lawsuit was filed by a firm representing those affected by a major data breach.

The company disclosed on May 19 that their systems had been breached, with the personal data of nine million customers leaked online.

The suit was filed at the UK High Court by PGMBM, a law firm specialising in group legal action. The action is worth £18 billion and if successful, could result in each customer receiving a £2000 payout. 

“This is a monumental data breach and a terrible failure of responsibility that has a serious impact on easyJet’s customers,” said Tom Goodhead, PGMBM managing partner.

“This is personal information that we trust companies with, and customers rightly expect that every effort is made to protect their privacy. Unfortunately, easyJet has leaked sensitive personal information of nine million customers from all around the world.”

Data breach

Altough EasyJet disclosed the breach on May 19, the original breach was revealed to have taken place in January 2020. This meant that the company delayed telling affected customers that they could be at risk for four months, potentially leaving them open to attack.

Names, email addresses, travel dates, reference numbers and more were leaked, with the financial information, including credit card numbers of more than 2000 customers, also affected. 

PGMBM claims that the travel data in particular could pose a significant security risk to the affected travellers. The firm has invited affected EasyJet customers, regardless of where they are in the world, to join the lawsuit on a no-win, no-pay basis. 

However, as EasyJet was able to inform the Information Commissioner’s Office (ICO) about the breach, it may escape severe punishment from the watchdog - although  an ICO spokesperson confirmed that an investigation into the breach is ongoing.

Via: ComputerWeekly