British Airways has notified the police after the theft of customer data from its website and mobile app.
BA says the breach relates to bookings made between 10.58pm on August 21 and 9.45pm on September 5.
The company said the breach had been resolved and the website was now working normally, and all customers affected by the breach had been contacted on Thursday night.
British Airways advised customers to contact their banks or credit card providers and follow their recommended advice.
We are deeply sorry for the disruption that this criminal activity has caused. "We take very seriously the protection of our clients 'data" - are his words in the statement.
Future bookings will not be affected, BA said. "There were other methods, very sophisticated efforts, by criminals in obtaining the data", he said.
BA is the latest major United Kingdom company to report such an attack - seemingly the largest since the owner of Currys PC World, Dixons Carphone, admitted in early summer that nine million of its customers had been hit by a data breach.
Mr. Cruz said anyone who lost out financially would be compensated by the airline.
In terms of compensation, BA said they would be in touch with customers "and will manage any claims on an individual basis".
"I´ve not heard anything from them on this and I´ve just had to cancel the card I used".
Which? said it was "vital" BA moved quickly to ensure affected customers get clear information and what steps they need to take to protect themselves.
He said hackers stole enough information to use bank cards to make purchases.
The company said there was evidence that some of the data "may have left our systems", although the records did not contain payment card or bank account details and there was no evidence that any fraud has resulted.