An EasyJet aircraft approaches the runway to land at Luton Airport near Luton, UK.
Simon Dawson | Bloomberg | Getty Images
EasyJet announced Tuesday that it had suffered a major cyber attack from a “highly sophisticated” source.
The low-budget European airline, which has seen its fleet anchored by the coronavirus, told the stock exchange that unauthorized access to its systems had been closed.
An airline investigation found that 9 million customers had access to their email address and trip details, while 2,208 customers had access to their credit card details. Affected customers will be contacted by May 26, said EasyJet.
The airline did not disclose when the attack took place or how long it lasted. The company was not immediately available for comment when contacted by CNBC.
EasyJet CEO Johan Lundgren said in a statement that the company takes the cybersecurity of its systems seriously, “however, this is an evolving threat as cyber attackers become more sophisticated” .
Lundgren said EasyJet will make affected customers “extra vigilant”, especially if they receive suspicious emails. The airline said customers should be extremely careful with any communication that is supposed to come from EasyJet or EasyJet Holidays.
“We will continue to invest to protect our customers, our systems and our data,” he said. “We would like to apologize to the customers who were affected by this incident.”
EasyJet said it worked with the National Cyber Security Center and the Information Commissioner’s Office, which is the UK’s data regulator.