British low-cost airline EasyJet today admitted that the company has fallen victim to a cyber-attack, which it labeled “highly sophisticated,” exposing email addresses and travel details of around 9 million of its customers.
In an official statement released today, EasyJet confirmed that of the 9 million affected users, a small subset of customers, i.e., 2,208 customers, have also had their credit card details stolen, though no passport details were accessed.
The airline did not disclose precisely how the breach happened, when it happened, when the company discovered it, how the sophisticated attackers unauthorizedly managed to gain access to the private information of its customers, and for how long they had that access to the airline’s systems.
However, EasyJet assured its users that the company had closed off the unauthorized access following the discovery and that it found “no evidence that any personal information of any nature has been misused” by the attackers.
“As soon as we became aware of the attack, we took immediate steps to respond to and manage the incident and engaged leading forensic experts to investigate the issue,” the company said in a statement published…