Easyjet (U2/EZY) has said that the details and payment information for up to 9 million people has been accessed in what it called a “highly sophisticated cyber-attack”
The low-cost carrier said it first became aware of the attack in January and it has informed the Information Commissioners Office (ICO) of the data breach.
Easayjet is also in the process of contacting affected customers.
The data included passengers names and address, travel documents and payment card information.
In a statement about the breach Easyjet said: “We take issues of security extremely seriously and continue to invest to further enhance our security environment.
“There is no evidence that any personal information of any nature has been misused, however, on the recommendation of the ICO, we are communicating with the approximately nine million customers whose travel details were accessed to advise them of protective steps to minimise any risk of potential phishing.”
In 2018 British Airways was fined over £180m for a data breach that saw its customers payment details stolen.