In a statement on its website, EasyJet said that:
“Apart from the very small subset of customers who we have already notified, no credit card details have been impacted. We therefore do not expect there to be any financial loss caused by this incident. We are advising customers to continue to be alert as they would normally be, especially should they receive any unsolicited communications”.
This statement proved that EasyJet did not take responsibility for failing to protect its customers. The airline might think that there was “no evidence that any personal information of any nature has been misused”, but, as we have already established, the impact of data breaches goes much further than financial losses, and it does these nine million customers a disservice to assume otherwise.
Following a robbery, people often feel shock, anger, fear, helplessness, and panic. Some will go on to suffer from psychological problems, and existing conditions can be exacerbated. Thankfully, over the last few years, people are waking up to the reality of mental health, and there is a greater awareness about the lasting effects of physiological suffering and anguish.
What is more, the law understands the damage that can be caused by worry and upset. So you can make a compensation claim if you have struggled emotionally following a data breach, even if you have not lost any money.
What’s more, even if your financial data hasn’t been stolen, your personal information could still be used for nefarious purposes. According to a report in the Independent:
“Experts suggest that personal information “drives a higher price on the dark web” – the area of the internet inaccessible by mainstream search engines – and could be used for organised crime or ransomed.”
So, the risk to everyone involved – regardless of whether they have had their financial or personal data accessed – is very real.