EasyJet announced on Tuesday that it has suffered a major cyber attack from a “highly sophisticated” source.
The budget European airline, which has seen its fleet grounded by coronavirus, said the unauthorized access to its systems had been closed off.
An investigation by the airline revealed that 9 million customers had their email addresses and travel details accessed, while 2,200 customers had their credit card details exposed. Affected customers will be contacted in the next few days, EasyJet said.
The airline did not disclose when the attack happened or how long it lasted. The company was not immediately available for comment when contacted by CNBC.
EasyJet CEO Johan Lundgren said in a statement that the company takes the cyber security of its systems seriously, “however, this is an evolving threat as cyber attackers get ever more sophisticated.”
Lundgren said EasyJet will be urging affected customers to be “extra vigilant,” especially if they receive suspicious emails.
“We will continue to invest in protecting our customers, our systems, and our data,” he said. “We would like to apologize to those customers who have been affected by this incident.”
EasyJet said it is working with the National Cyber Security Centre and the Information Commissioner’s Office, which is the U.K. data regulator.