Class Action Claim Issued On Behalf Of EasyJet Customers Over Major Data Breach

May 22, 2020

The easyJet data breach was announced by the airline group on 19th May 2020. easyJet publicly admitted that the sensitive personal data of nine million customers from around the world had been exposed in a “sophisticated” data breach.

The cyber-attack took place in January 2020, but despite notifying the UK’s Information Commissioner’s Office at that time, easyJet waited four months before notifying its customers, who suffered a loss of privacy and weren’t even made aware of it straight away.

Customers affected by the data breach were notified by email in May that information such as their names, email addresses and travel details – including where they were travelling to and from, departure dates, booking reference numbers, booking dates, and the value of their bookings – could have been exposed by the leak.

Some customers were also affected by the disclosure of more sensitive data: 2,208 individuals had their credit card details stolen, including the three-digit security code known as the CVV number.

The severity of the breach

Depending on the kind of data that falls into the hands of third parties, the results can be severe, from fraudulent representation to unidentified shopping bills racked up on customers’ credit cards.

However, what matters most is not the type of data leaked, but the fact that it was leaked in the first place, and that it took four months for EasyJet to warn their customers about the breach of their privacy.

Thomas Goodhead, firm Managing Partner, said: “This is a monumental data breach and a monumental failure that has a serious impact on easyJet’s customers.

This is personal information that we trust companies with, and customers should rightly expect that every effort is made to protect that.

Unfortunately, the easyJet data breach has leaked the sensitive personal information of nine million customers from all corners of the world.”

The law favours the victims of the data breach

Under Article 82 of the EU General Data Protection Regulation (EU-GDPR), customers have a right to compensation for inconvenience, distress, annoyance, and loss of control over their data.

In 2018, British Airways was hit with a record fine of £183 million by the ICO over its “poor security arrangements”.

On this occasion, Information Commissioner Elizabeth Denham said: “People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage, or theft, it is more than an inconvenience.”

Our firm, a leading international law firm specialising in group litigation actions, has issued the claim form on behalf of impacted customers, after having been contacted by potential claimants when the easyJet data breach was made public.

We are now seeking a group litigation order and are urging all of those affected by the data breach to come forward and join the claim to pursue compensation.

Any easyJet passenger who was affected around the world can claim. Learn more at the website easyJet data breach claim.

More Press

panorama of football stadium
Pogust Goodhead and Bingham Long announce settlement with UEFA
A full and final settlement has been reached with UEFA for the potential claims of supporters of Liverpool Football Club in connection with the 2022 Champions...
Read More
Mariana dam disaster landscape
£3 billion lawsuit filed against Vale and Samarco over the Mariana dam disaster
The worst environmental disaster in Brazil’s history has triggered a £3 billion lawsuit in the courts of the Netherlands.
Read More
Jaguar Land Rover
The Jaguar Land Rover NOx Emissions Group Litigation
The High Court has made a Group Litigation Order in relation to a Group Action to be pursued against Jaguar Land Rover.
Read More