Shares of British Airways' parent company IAG fell around 4% as markets opened on Friday morning, hours after the airline said the credit card information of at least 380,000 customers had been "compromised" in a data theft.

More than £500m was wiped of the airline group's market value as a result, before the share price rallied to being down just 2% on the day.

The airline said people using BA.com and its mobile app for flight bookings were targeted by hackers between 21 August and 5 September.

Information stolen includes customer names, email addresses, home addresses and payment card information - but not travel or passport details.

We are aware of reports of a data breach affecting British Airways and are working with partners to assess the best course of action. — NationalCrimeAgency (@NCA_UK) September 6, 2018

In an email to affected customers, BA said: "We're deeply sorry, but you may have been affected.


"We recommend that you contact your bank or credit card provider and follow their recommended advice.

"We take the protection of your personal information very seriously.

"Please accept our deepest apologies for the worry and inconvenience that this criminal activity has caused."

The breach has been "resolved" and the website is "working normally", it said.

In a statement, the airline added: "We have notified the police and relevant authorities... [and] will continue to keep our customers updated with the very latest information. We will be contacting customers and will manage any claims on an individual basis."

BA is the latest major UK company to report such an attack - seemingly the largest since the owner of Currys PC World, Dixons Carphone, admitted in early summer that nine million of its customers had been hit by a data breach.

The theft is also likely to lead to a union backlash after criticism of the airline's decision to outsource IT work to India.

The issue came to the fore after a costly IT failure last year that left 75,000 passengers stranded.

BA chief: We have called in the police

The company's chairman and chief executive, Alex Cruz, said: "We are deeply sorry for the disruption that this criminal activity has caused."

Speaking to Sky News, he said the online vulnerability had now been fixed after it was discovered on Wednesday, and indicated compensation could be a possibility for anyone who had lost money.

Mr Cruz said: "I need to understand the extent of the damages; at the moment we're not aware of any potential negative effect.

"But yes, we're interested in speaking with our customers about any potential negative effect that this event may have had on their credit card."

Furious @British_Airways Found out re data breach from news, before you had the decency to tell me yourself I was likely affected. I’m travelling alone in Vietnam & have had to put stop on the card, which makes me vulnerable & I’m now spending precious hol time trying to resolve — Michelle Dewberry (@MichelleDewbs) September 7, 2018

Michelle Dewberry, presenter of the Sky News debate programme The Pledge, travelled to Vietnam with the airline and tweeted that she only found to about the breach on the news.

"I'm travelling alone in Vietnam & have had to put stop on the card, which makes me vulnerable," she said in her tweet.