IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

EasyJet faces class-action lawsuit over data breach

If successful, every customer impacted by the breach could receive a £2,000 payout

EasyJet is facing an £18 billion class-action lawsuit over the recent large-scale data breach that exposed the personal details of nine million of its customers. 

Law firm PGMBM said it has issued a class-action claim in the High Court of London with a potential liability of £18 billion. If successful, each customer impacted by the breach could receive a payout of £2,000.

This move follows the airline’s recent announcement that it had been the subject of a “highly sophisticated cyber attack” in which the email addresses and travel details of around nine million customers were accessed, as well as the credit card details of 2,208 customers.

PGMBM, which specialises in group class-action, said that although the airline had announced the breach on May 19, it actually occurred four months earlier in January. This meant that the company delayed telling those affected that they could be at risk for four months, potentially leaving them open to attack.

“This is a monumental data breach and a terrible failure of responsibility that has a serious impact on EasyJet's customers," said PGMBM managing partner Tom Goodhead.

“This is personal information that we trust companies with, and customers rightly expect that every effort is made to protect their privacy. Unfortunately, EasyJet has leaked sensitive personal information of nine million customers from all around the world.”

The law firm said it was taking the action under Article 82 of Europe's General Data Protection Regulation (GDPR), which gives customers the right to compensation for inconvenience, distress, annoyance, and loss of control of their personal data.

EasyJet has yet to comment on the filing of the lawsuit, but last week apologised to those customers affected.

Related Resource

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now

It remains to be seen whether EasyJet will also face a fine from the Information Commissioner's Office (ICO). The watchdog's guidance states that failing to notify a breach when required to do so can result in a significant fine up to €10 million euros or two per cent of a company's global turnover.

A spokesperson for the watchdog confirmed that an investigation into the breach is ongoing, saying: “People have the right to expect that organisations will handle their personal information securely and responsibly. When that doesn’t happen, we will investigate and take robust action where necessary."

Featured Resources

The Total Economic Impact™ Of Turbonomic Application Resource Management for IBM Cloud® Paks

Business benefits and cost savings enabled by IBM Turbonomic Application Resource Management

Free Download

The Total Economic Impact™ of IBM Watson Assistant

Cost savings and business benefits enabled by Watson Assistant

Free Download

The field guide to application modernisation

Moving forward with your enterprise application portfolio

Free Download

AI for customer service

Discover the industry-leading AI platform that customers and employees want to use

Free Download

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
UK water supplier confirms hack by Cl0p ransomware gang
ransomware

UK water supplier confirms hack by Cl0p ransomware gang

16 Aug 2022