National Cyber Security Centre
NCSC statement: EasyJet cyber incident
An NCSC statement and advice following a cyber attack on EasyJet.
An NCSC spokesperson yesterday said:
"We are aware of this incident and have been working with EasyJet from the outset to understand how it has affected people in the UK.
“The NCSC would recommend anybody with accounts that could have been compromised to be especially vigilant against any unusual activity in their bank accounts or suspicious phone calls and emails asking them for further information.
“We would recommend considering changing passwords for accounts that could have been affected. More information can be found on the NCSC website.”
Information and advice for customers of EasyJet
- EasyJet have issued a statement regarding this incident
- Anyone who thinks they have been a victim of online crime can report a cyber incident using Action Fraud’s online fraud reporting tool anytime of the day or night, or call 0300 123 2040. For further information visit www.actionfraud.police.uk.
- If you’re an EasyJet customer, we recommend changing your password on your EasyJet account – and if you know you’ve used that password anywhere else, change it there too. The best way to make your password long and strong is by using a sequence of three random words you'll remember. Of course, remembering lots of passwords can be difficult, but if you save them in your browser then you don’t have to. There is more information on the NCSC website.
- Now would also be a good time to check if your account has appeared in any other public data breaches. Visit https://haveibeenpwned.com, enter your email address and go from there.
- Two-factor authentication (2FA) is a free security feature that gives you an extra layer of protection online and can stop cyber criminals getting into your accounts - even if they have your password. If it is available then we suggest using it on all your important accounts.
- If your account has been compromised, your personal details may be used to help craft more convincing scam emails. If you believe you have received a suspicious email then you can report it to the NCSC using the Suspicious Email Reporting Service (SERS) but the NCSC has produced advice which will help you spot the most obvious signs of scam emails.
- EasyJet confirmed that 2,208 credit card details were accessed in this incident. If you were one of them, you should be notified of this by EasyJet. We advise that you monitor your accounts for any unusual activity and if you’re worried, get in touch with your bank’s fraud department. There is more information on the NCSC website
Latest News from
National Cyber Security Centre
NCSC helps small businesses move from physical to digital21/05/2020 12:43:00
Launch of advice and practical tips to help SMEs move their business online.
Flagship cyber conference confirmed for Wales in 202119/05/2020 11:15:00
CYBERUK 2021 will take place in the International Convention Centre (ICC), Newport in May.
NCSC shines light on scams being foiled via pioneering new reporting service07/05/2020 13:15:00
The UK public flags more than 160,000 suspicious emails leading to removal of over 300 fake websites.
Advisory: APT groups target healthcare and essential services06/05/2020 14:15:00
Joint UK and US advisory highlights ongoing activity by APT groups against organisations involved in the international coronavirus response.
Cyber warning issued for key healthcare organisations in UK and USA05/05/2020 15:43:00
An advisory has been issued for UK and US healthcare organisations involved in the coronavirus response.
NCSC provides security expertise on NHS COVID-19 contact tracing app05/05/2020 12:25:00
The development of the NHS COVID-19 contact tracing app has had the support of NCSC experts.
New virtual cyber school gives teens chance to try out as cyber security agents from home01/05/2020 14:19:00
Young people encouraged to join online classes to develop problem-solving and cyber skills
NCSC statement: Sophos vulnerability29/04/2020 14:15:00
An NCSC statement following the discovery of a vulnerability affecting the Sophos XG Firewall product.
Public embraces email reporting service created after spike in coronavirus-related scams23/04/2020 15:43:00
As part of the Cyber Aware campaign, the NCSC successfully launched its suspicious email reporting service (SERS), resulting dozens of malicious web campaigns shut down in its first day after spike in coronavirus phishing scams.