UK budget carrier EasyJet is contacting customers after a serious cybersecurity breach which resulted in access to the personal information of 9 million travellers.
Credit card details of just over 2,200 customers were accessed, the airline admits, and it has taken action to contact all of them to offer support.
The airline says it has recruited forensic specialists to investigate the attack which, it claims, originated from a “highly sophisticated source”.
Some 9 million customers’ travel and email information was accessed, it adds.
EasyJet says it has “closed off” the unauthorised intrusion and notified the National Cyber Security Centre as well as the Information Commissioner’s Office.
“There is no evidence that any personal information of any nature has been misused,” it adds.
But it is contacting the 9 million customers affected to advise of protective measures to minimise risk of fraud exposure. It aims to contact all of them within a week.
“We would like to apologise to those customers who have been affected by this incident,” says chief executive Johan Lundgren.
“We take the cyber security of our systems very seriously and have robust security measures in place to protect our customers’ personal information.
“However, this is an evolving threat as cyber attackers get ever more sophisticated.”
Lundgren states that concern over the risk of fraud has risen during the coronavirus outbreak, and that EasyJet will advise customers to be particularly vigilant if they receive unsolicited communications.
“Every business must continue to stay agile to stay ahead of the threat,” he adds. “We will continue to invest in protecting our customers, our systems, and our data.”