EasyJet has been the target of a major cyber attack.
The troubled airline said that the email addresses and travel details of 9million customers were accessed, and 2,208 people had credit card details stolen.
It said other than those people, the passport and credit card details of the balance were not accessed and it had closed the online channels affected by the attack.
EasyJet has not confirmed when the incident occurred, when it was identified and how long it lasted before detection.
In a statement to the stock market, it said: 'There is no evidence that any personal information of any nature has been misused. however... we are communicating with the approximately 9million customers whose travel details were accessed to advise them of protective steps to minimise any risk of potential phishing'.
'We take issues of security extremely seriously and continue to invest to further enhance our security environment,' a spokesperson added.
EasyJet said the email addresses and travel details of 9million customers were accessed, and 2,208 people had credit card details stolen (pictured, Airbus A320 planes in Berlin, 2018)
'EasyJet is in the process of contacting the relevant customers directly and affected customers will be notified no later than the 26th of May.'
EasyJet said it had notified the Information Commissioner's Office (ICO), the data regulator, and the National Cyber Security Centre.
The ICO has recommended easyJet contact everyone affected because of an increased risk of phishing fraud during the coronavirus crisis.
EasyJet chief executive Johan Lundgren said in a statement: 'Since we became aware of the incident, it has become clear that owing to Covid-19 there is heightened concern about personal data being used for online scams.
'As a result, and on the recommendation of the ICO, we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.'
EasyJet's disclosure comes as its leadership battles a number of challenges including the turbulence caused by the coronavirus pandemic.
Sir Stelios Haji-Ioannou (right), the airline's founder and biggest shareholder, is seeking to remove CEO Johan Lundgren (left) and three other board members this Friday
Sir Stelios Haji-Ioannou's family, the airline's founder and biggest shareholder, is seeking to remove Mr Lundgren and three other board members this Friday.
A shareholder vote will take place amid a row over a £4.5billion order for new planes from Airbus which Sir Stelios is demanding should be scrapped.
The company has also furloughed thousands of staff and borrowed £600million of taxpayer money under a government bailout scheme.
Hackers have stepped up their efforts to target major companies and the data they hold on customers. British Airways was hit in 2018 with the theft of credit card details of hundreds of thousands of its customers, while Cathay Pacific was also hit.
MailOnline has contacted easyJet for more information.