On Tuesday, EasyJet revealed that a cyberattack had resulted in the hacking of nine million customer accounts, reported the BBC. The firm is currently investigating the breach and has also notified the U.K.'s Information Commissioner's Office (ICO).
"We take issues of security extremely seriously and continue to invest to further enhance our security environment," EasyJet said in a statement.
"There is no evidence that any personal information of any nature has been misused, however, on the recommendation of the ICO, we are communicating with the approximately nine million customers whose travel details were accessed to advise them of protective steps to minimize any risk of potential phishing.
"We are advising customers to be cautious of any communications purporting to come from EasyJet or EasyJet Holidays."
According to the BBC, EasyJet first learned of the attack in January but was only able to notify customers whose credit card details were stolen in early April. EasyJet has now decided to go public in order to reach all the nine million customers affected.
EasyJet informed the BBC that their email addresses had been stolen which could result in phishing attacks. It further added that everyone affected would be notified by 26 May.
Phishing attacks where criminals steal the personal data of victims through email links have risen significantly during the coronavirus era.
The ICO also made a statement on the matter revealing that it would be investigating.
"People have a right to expect that organizations will handle their personal information securely and responsibly. When that doesn't happen, we will investigate and take robust action where necessary."
Airlines have a bit of a bad reputation when it comes to cybersecurity breaches. Back in September of 2018, British Airways suffered a cyberattack that was presumed to have put at risk the financial and personal details of around 380,000 clients.