Hackers accessed email addresses and travel details of approximately 9 million Easyjet customers in a “sophisticated” cyber attack, the orange-themed airline announced Tuesday.
“Following discussions with the Information Commissioner’s Office (ICO), the Board of easyJet announces that it has been the target of an attack from a highly sophisticated source,” the airline said in a statement, adding that it has notified the U.K. National Cyber Security Centre as well as the ICO, the U.K.’s data protection authority.
The company’s investigation also found that credit card details were accessed for more than 2,200 customers, but said there was no evidence any data had been misused.
Easyjet CEO Johan Lundgren said in the statement that, “Since we became aware of the incident, it has become clear that owing to COVID-19 there is heightened concern about personal data being used for online scams. As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.”