EasyJet has announced that a "highly sophisticated cyber-attack" has affected nine million of its customers.

They said email addresses and travel details had been stolen, and that 2,208 customers had also had their credit card details "accessed".

The travel firm has informed the UK's Information Commissioner's Office and is continuing to investigate the breach.

EasyJet said it first became aware of the attack in January.

READ MORE: Coronavirus: Scottish jobs market hardest hit as lockdown bites

EasyJet chief executive Johan Lundgren said: “We take the cyber security of our systems very seriously and have robust security measures in place to protect our customers’ personal information.

“However, this is an evolving threat as cyber attackers get ever more sophisticated.

“Since we became aware of the incident, it has become clear that owing to Covid-19 there is heightened concern about personal data being used for online scams.

“As a result, and on the recommendation of the ICO (the Information Commissioner’s Office), we are contacting those customers whose travel information was accessed and we are advising them to be extra vigilant, particularly if they receive unsolicited communications.

READ MORE: Scotland's schools 'set to return on August 11' part-time with 'phased' re-opening

“Every business must continue to stay agile to stay ahead of the threat. We will continue to invest in protecting our customers, our systems and our data.

“We would like to apologise to those customers who have been affected by this incident.”

The ICO announced last year that it intends to fine British Airways a record £183 million after the personal data of more than half a million passengers was compromised in a hacking incident believed to have started in June 2018.