EasyJet has admitted that a "highly sophisticated cyber attack" has affected around nine million customers.

The airline explained that email addresses and travel details had been stolen and that 2,208 customers had also had their credit card details accessed. It has informed the Information Commissioner's Office (ICO) and is continuing to investigate the breach.

EasyJet said it first became aware of the attack in January, stating: "We take issues of security extremely seriously and continue to invest to further enhance our security environment.

"There is no evidence that any personal information of any nature has been misused, however, on the recommendation of the ICO, we are communicating with the approximately nine million customers whose travel details were accessed to advise them of protective steps to minimise any risk of potential phishing."

Commenting on the breach, Cybereason chief security officer Sam Curry suggested that the customers stay on top of their credit reports, check their bank statements regularly and frequently update their login information to EasyJet's website and other vendors they use.

"For EasyJet, they can come out of this either the hero or villain - they can't be the victim," he said. "I suggest the hero by being open, honest and transparent about the remediation steps they are taking now and the preventative measures they are putting in place to reduce risk in the future."

Share Story: