EasyJet Says Details of 9 Million Customers Stolen by Hackers

EasyJet says that hackers have gained access to the personal details of 9 million customers, including email addresses and travel details.

The budget airline also says that 2,200 customers have had their credit card details exposed in what it described as a "highly sophisticated" cyber-attack.

It is keen to stress that there was no evidence to suggest that "any personal information of any nature has been misused" but the company says it will be getting in touch with affected customers to advise them of protective steps to take.

In a statement to the London Stock Exchange, the company said: "There is no evidence that any personal information of any nature has been misused. However, on the recommendation of the ICO (Information Commissioner's Office), we are communicating with the approximately 9m customers whose travel details were accessed to advise them of protective steps to minimize any risk of potential phishing.

"We are advising customers to continue to be alert as they would normally be, especially should they receive any unsolicited communications.

EasyJet hackers gain access
EasyJet says it is communicating with 9 million customers whose travel details were accessed Getty

"We also advise customers to be cautious of any communications purporting to come from EasyJet or EasyJet Holidays."

Johan Lundgren, EasyJet chief executive, said: "We take the cybersecurity of our systems very seriously and have robust security measures in place to protect our customers' personal information. However, this is an evolving threat as cyber attackers get ever more sophisticated.

"Since we became aware of the incident, it has become clear that owing to COVID-19 there is heightened concern about personal data being used for online scams.

"As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications."

The company also said it had closed the online channels affected by the attack.