Nine million EasyJet customer details lost in data breach

featured image

In May 2020 hackers obtained the personal details of 9 million Easyjet customers and the credit card details of a further 2,000+.

15.06.2020

Sabrina Goran (sabrina.goran@irwinmitchell.com) comments on a potential group claim against the airline.

A cyber-attack on EasyJet earlier this year has resulted in the exposure of the email addresses and flight details of nine million of its customers, and the credit card details of 2,208 of those customers. EasyJet reportedly notified affected customers by email in May. 

The ICO has confirmed it is investigating the breach. The maximum fine the ICO could issue in respect of a serious data breach is €20,000,000 or 4% of the global annual turnover. 

The General Data Protection Regulation (GDPR), allows individuals to bring claims for damages for distress in respect of data breaches such as this. Individuals are not required to have suffered any direct financial loss in order to receive compensation in respect of a data breach. Law firm PGMBM has confirmed it has issued a claim form on behalf of the impacted customers and is seeking to recover up to £2,000 per impacted customer. 

https://www.cityam.com/easyjet-woes-grow-after-it-is-hit-with-massive-group-action-claim-over-data-breach/

Key Contacts

Related Articles

  • Cryptoassets and gambling: what a regulated UK regime could mean for operators, suppliers and the market
    Expert Comment
    Cryptoassets and gambling: what a regulated UK regime could mean for operators, suppliers and the market
    The UK’s move towards a full cryptoasset regulatory regime, expected to take effect on 25 October 2027, is likely to change how gambling businesses assess crypto as a payment option.
    Read more
  • Southampton’s Championship “Spygate”: what the allegations, sanctions and wider fallout could mean
    Expert Comment
    Southampton’s Championship “Spygate”: what the allegations, sanctions and wider fallout could mean
    Southampton Football Club’s 2025/26 Championship campaign has become overshadowed by a significant disciplinary issue after the club admitted multiple breaches of English Football League (“EFL”) rules relating to the unauthorised filming of other clubs’ training sessions.
    Read more
  • Serious Fraud Office’s Deferred Prosecution Agreement with Ultra Electronics: what businesses should take from the May 2026 agreement
    Expert Comment
    Serious Fraud Office’s Deferred Prosecution Agreement with Ultra Electronics: what businesses should take from the May 2026 agreement
    The Serious Fraud Office’s (“SFO”) May 2026 Deferred Prosecution Agreement (“DPA”) with Ultra Electronics Holdings Limited (“the Company”) is notable for more than the financial penalty.
    Read more