June 3, 2023

Volume XIII, Number 154


June 02, 2023

Subscribe to Latest Legal News and Analysis

June 01, 2023

Subscribe to Latest Legal News and Analysis

May 31, 2023

Subscribe to Latest Legal News and Analysis

Easyjet Hack: Nine Million Customer Records Stolen in "Highly Sophisticated" Cyberattack

It has been reported that hackers have accessed and stolen details of about 9 million customers of British airline easyJet. Approximately 2,208 easyJet customers have also had their credit card details accessed and stolen.

easyJet reported that it became aware of this “highly sophisticated” cyberattack in late January this year. After an investigation, the airline recently disclosed that the details accessed and stolen by the hackers included email addresses, travel information, and credit card data including CVV numbers.

While it doesn’t look like the personal information obtained by the hackers has been misused yet according to the airline, there is heightened concern over the information being used in online scams, such as phishing scams, during the current global pandemic. The information may also be used for credential stuffing attacks in the future.

This hack is currently being investigated by the UK’s Information Commissioner’s Office, and already is there is talk in the media of a significant, if not the highest to date, penalty possibly being imposed on easyJet. Under the EU’s General Data Protection Regulation, the maximum penalty for data breaches can reach an amount of €20 million or 4% of a company’s annual worldwide turnover, whichever is greater. As previously blogged, the UK intends to follow the GDPR during the transition period post-Brexit, after which the GDPR will be brought into UK law as the “UK GDPR“.

We’ve previously highlighted the need for individuals and organisations to remain vigilant and look out for phishing scams which are on the rise during the COVID-19 pandemic. Airlines may be largely out of action for the time being, but your security systems for protection of personal information shouldn’t be. For more information on phishing scams during this pandemic and tips on how to avoid them, check out our blog series called ‘A Phishing Pandemic’ Parts III and III!

Copyright 2023 K & L GatesNational Law Review, Volume X, Number 154

About this Author

Cameron Abbott, Technology, Attorney, Australia, corporate, KL Gates Law Firm

Mr. Abbott is a corporate lawyer who focuses on technology, telecommunications and broadcasting transactions. He assists corporations and vendors in managing their technology requirements and contracts, particularly large outsourcing and technology procurements issues including licensing terms for SAP and Oracle and major system integration transactions.

Mr. Abbott partners with his clients to ensure market leading solutions are implemented in to their businesses. He concentrates on managing and negotiating complex technology solutions, which...

Warwick Andersen Technology Lawyer KL Gates

Mr. Andersen is a senior corporate lawyer with a focus on commercial, technology and sourcing projects. He has advised on large scale outsourcing projects, technology agreements for both vendors and customers, corporate support, privacy and telecommunications regulatory work. He has acted for government departments, large listed companies, telecommunications companies and technology suppliers.

Rob Pulham Corporate Attorney K&L Gates
Special Counsel

Rob Pulham is an experienced corporate advisory and transactional lawyer with an active technology and privacy practice representing companies in the energy, manufacturing, mining, retail, health and financial services sectors, as well as government and not for profit organisations. He has extensive experience advising customers and vendors in the technology industry, with particular focus on software licensing, data privacy and protection, and systems integration projects. In his role as a senior corporate lawyer, Mr. Pulham reviews organisational policies and practices...

Senior Attorney

Ms. Aggromito is a senior lawyer in the lawyer in the Melbourne commercial technology and sourcing team focusing on IT, privacy and data protection.

Rebecca Gill Commercial Technology and Sourcing Lawyer Melbourne K&L Gates

Ms. Gill is a lawyer in our Corporate and Transactional team at the Melbourne office.

Primary Practice

Commercial Technology and Sourcing


  • J.D., Melbourne School of Law University of Melbourne, 2018
  • B.A., University of Melbourne, 2014
  • Certificate I in Vocational Preparation, Australian Employment and Training Solutions, 2014