A criminal investigation is underway after a cyber attack on Isle of Wight ferry operator Wightlink.
In a statement on Thursday, the firm said the personal information of “a small number of customers and staff…may have been compromised.”
It said all those affected had been notified and offered support.
The cross-Solent operator’s back office IT systems were hit in February, despite it ‘taking appropriate security measures’.
Cyber security experts are now involved, engaged by Wightlink when the incident was discovered.
Read more: Friday cancellations on Wightlink Isle of Wight ferry sailings
What has Isle of Wight’s Wightlink said about the cyber attack?
In a statement on Thursday Wightlink said: “[We] engaged specialist cyber security experts to investigate and assess the situation and reported the matter to the Information Commissioner’s Office (ICO).
“Wightlink is also liaising with the South East Regional Organised Crime Unit.”
The firm, which links Ryde and Fishbourne with Portsmouth and runs between Yarmouth and Lymington, said it does not process, nor store, payment card details for bookings.
Chief Executive Keith Greenfield said: “This was a highly sophisticated criminal attack on an essential service.
“I would like to thank all my colleagues at Wightlink who responded quickly, ensuring the impact to customers was minimised and that cross-Solent travel and bookings were unaffected.”
Ferries and FastCats continued to operate normally and Wightlink said its booking system and website were not affected.
Has the Isle of Wight been hit by a cyber attack before?
In August 2021, six Isle of Wight schools were targeted in a ransomware attack, forcing three to completely rebuild their websites and others to delay the start of the school term.