International Consolidated Airlines Group SA unit British Airways PLC said it is investigating the theft of customer data from its website and mobile app that compromised personal and financial details of customers.
The airline said about 380,000 payment cards of customers making bookings were affected, but no travel or passport details were compromised, according to The Guardian. The breach took place between the evening of Aug. 21 and the evening of Sept. 5.
Shares in IAG opened lower in London on Sept. 7 and was down 1.79% as of 8:24 a.m. local time.
"The breach has been resolved and ba.com is working normally," the airline said, adding that it is communicating with affected customers and has notified the police and relevant authorities regarding the issue.
The company said it would fully reimburse customers for any financial loss, the Financial Times said. The U.K. Information Commissioner's Office is looking into the breach and could impose penalties on the airline, according to BBC News.