EasyJet, a British low-cost airline group, has revealed that the personal information of 9 million customers was accessed in a “highly sophisticated” cyber-attack on the airline.
The company on Tuesday disclosed that email addresses and travel details were accessed and said it will contact all of the customers affected.
Of the 9 million people affected, 2,208 had credit card details stolen, EasyJet said in a statement to the stock market.
Those customers whose credit card details were taken have already been contacted, while everyone else affected will be contacted in the “next few days”.
The Information Commissioner’s Office (ICO), the data regulator, has recommended EasyJet contact everyone affected because of an increased risk of phishing fraud.
EasyJet said, “there is no evidence that any personal information of any nature has been misused”.
The easyJet chief executive, Johan Lundgren, said: “We would like to apologise to those customers who have been affected by this incident.