Hong Kong-based airline Cathay Pacific is investigating unauthorised access to data relating to nearly ten million passengers.
The hack was discovered during regular IT security process checks and access was immediately shut down.
Cathay Pacific's CEO Rupert Hogg apologised for the incident and said the passengers whose data was accessed will be contacted by the airline directly.
"We are in the process of contacting affected passengers and providing them with information on steps they can take to protect themselves," he said.
The airline said there is no evidence any of the information has been misused at this stage.
The system compromised has no link with any of its flight operation systems, so aircraft and flight safety has not been affected.
Here's what data was accessed:
- Passenger name
- Date of birth
- Phone number
- Passport number
- Identity card number
- Frequent flyer programme membership number
- Customer service remarks
- Historical travel information
The number of credit cards compromised is said to be minimal - 27 credit card numbers were accessed, but the hackers are said to have not accessed the CVV numbers, which would limit the possibility of fraud.
Passengers who think they may have had their information compromised can call Cathay Pacific directly on a dedicated hotline set up by the airline, or via a special webpage which is being regularly updated.
The toll free phone number for New Zealand is: 0800 456 320.
Cathay Pacific has notified authorities including Hong Kong Police.