TechCrunch Desktop Logo
TechCrunch Mobile Logo
Image Credits:Justin Tallis/AFP (opens in a new window) / Getty Images

EasyJet says 9 million travel records taken in data breach

Zack Whittaker

EasyJet, the U.K.’s largest airline, said hackers have accessed the travel details of 9 million customers.

The budget airline said 2,200 customers also had their credit card details accessed in the data breach, but passport records were not accessed, a company statement said.

EasyJet did not say when the security incident happened or how the hackers accessed its systems, but the company said it referred the incident to the Information Commissioner’s Office, the U.K.’s data protection agency. Companies are given 72 hours to inform regulators of a security incident under European data protection rules.

Spokespeople for EasyJet did not immediately comment when contacted by TechCrunch.

The airline, like the rest of the aviation industry, has been hit hard by the coronavirus pandemic, which forced vast swathes of the global population to stay at home, and put business travel and vacations on hold. Prior to the pandemic, EasyJet carried more than 28 million passengers in 2019.

The company was one of the first to ask the U.K. government for a bailout to prevent financial collapse.

The ICO said last year that it intended to fine British Airways a record £183 million ($230m) after a data breach exposed the booking details of 500,000 customers. Hackers had siphoned off thousands of credit card numbers after installing skimming malware on its website.

Techcrunch event

Disrupt 2026: The tech ecosystem, all in one room

Your next round. Your next hire. Your next breakout opportunity. Find it at TechCrunch Disrupt 2026, where 10,000+ founders, investors, and tech leaders gather for three days of 250+ tactical sessions, powerful introductions, and market-defining innovation. Register now to save up to $400.

Save up to $300 or 30% to TechCrunch Founder Summit

1,000+ founders and investors come together at TechCrunch Founder Summit 2026 for a full day focused on growth, execution, and real-world scaling. Learn from founders and investors who have shaped the industry. Connect with peers navigating similar growth stages. Walk away with tactics you can apply immediately

Offer ends March 13.

San Francisco, CA | October 13-15, 2026
REGISTER NOW

British Airways breach caused by credit card skimming malware, researchers say

Topics

, , , , , , , , , ,
Zack Whittaker

Zack Whittaker is the security editor at TechCrunch. He also authors the weekly cybersecurity newsletter, this week in security.

He can be reached via encrypted message at zackwhittaker.1337 on Signal. You can also contact him by email, or to verify outreach, at zack.whittaker@alltechnewstime.com.

View Bio
April 30
San Francisco, CA


StrictlyVC kicks off the year in SF. Get in the room for unfiltered fireside chats with industry leaders, insider VC insights, and high-value connections that actually move the needle. Tickets are limited.

REGISTER NOW
Loading the next article
Error loading the next article