Low cost carrier EasyJet has fallen victim to a "sophisticated" cyber attack that lifted the personal details of nine million customers.
EasyJet says that the break-in happened in early January, with the hackers making away with the email address and travel details of approximately nine million customers. Of these, 2,208 had their credit card details stolen.
The Information Commissioner's Office has ordered the firm to contact all customers whose details were accessed and warn them to take precautions when receiving unsolicited mail about the incident and to change their passwords.
"Action has already been taken to contact all of these customers and they have been offered support," states EasyJet. "There is no evidence that any personal information of any nature has been misused, however, on the recommendation of the ICO, we are communicating with the approximately 9 million customers whose travel details were accessed to advise them of protective steps to minimise any risk of potential phishing."
An attack on rival carrier British Airway two years ago compromised the card details of hundreds of thousands of customers who used its website and app over a two-week period. The hackers gained access to names, street and email addresses, credit card numbers, expiry dates and CVV codes - enough to use cards.