Personal and payment card information of 380,000 British Airways customers were stolen by attackers, stolen data did not include travel or passport details.
British Airways was hacked, customer personal and payment card information of 380,000 were stolen by attackers, the stolen data did not include travel or passport details.
The company published a data breach notification on its website, the security breach affected customers making bookings on its website and app from 22:58 BST August 21 2018 until 21:45 BST September 5 2018 inclusive.
British Airways has launched an internal investigation and notified the police and relevant authorities.
“We are investigating, as a matter of urgency, the theft of customer data from our website and our mobile app. The stolen data did not include travel or passport details.” reads the data breach notification.
“From 22:58 BST August 21 2018 until 21:45 BST September 5 2018 inclusive, the personal and financial details of customers making bookings on our website and app were compromised.”
The airline confirmed that the breach has been resolved and its services are now working normally. British Airways is communicating with affected customers and is recommending customers who believe they may have been affected by the breach to contact their banks or credit card providers.
A spokesperson told the TechCrunch website that “around 380,000 card payments” were stolen.
“We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers’ data very seriously.” said Alex Cruz, British Airways’ chairman and chief executive.
Privacy advocated and security experts believe the company could face severe fines due to the new European GDPR data protection laws.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.