Jump to content

British Airways hacked, hundreds of thousands of credit card numbers stolen


Recommended Posts

Posted

British Airways has suffered a data breach, with critical information on hundreds of thousands of its users being stolen by hackers. The company confirmed the breach, saying it was done by a “very sophisticated, malicious criminal”.

In total, 380,000 accounts were compromised, the company said, with hackers stealing names, street and email addresses, credit card numbers and expiry dates, as well as security codes, through the company website and app.

The theft of this information occurred over a two-week period, it was said, starting on August 21, and ending on September 5, when it was finally discovered.

Chief Executive Alex Cruz said the carrier was “deeply sorry” for the disruption.

“There were other methods, very sophisticated efforts, by criminals in obtaining the data,” he told BBC radio. “It was having access to our systems in an illicit way, it was very sophisticated.”

Cruz added that whoever lost out financially, would be compensated for their loss.

Will BA be hit by GDPR?

Paul Farrington, Head of EMEA at app security company CA Veracode also warns that things are different now, with GDPR in force.

“With GDPR now in full force the board at BA will have to consider their exposure to regulatory fines, especially when it took 16 days for the breach to be detected, and if the financial losses will outstrip what it would have cost to prevent the breach in the first place.”

“IT issues are not only affecting BA, but also in the wider airline industry. Airlines have a duty to keep the planes in the air, and the majority of investment goes into that. However, recent outages show investment should also be directed at technology. As airlines become ever more dependent on software, this creates a greater surface for hackers to attack and so it is no surprise that breaches of this scale are becoming commonplace.”

Malwarebytes’s Lead Malware Analyst Chris Boyd says it’s interesting to see a company providing such a specific time range for the attack. It’s not something that usually happens:

"The only good thing we can say about this breach is that BA have provided a very short and specific date range where data may have been compromised. Typically, we're lucky to get a date range of less than six months to a year, which makes a potential victim's response to any threat difficult. This could end up being a major test of new GDPR regulations, and it'll be fascinating to see the cause of the breach come out in the wash."

Via Reuters

jzDl5q5Dap4

View the full article

Posted

Glad I could never afford BA's ridiculous prices!

Posted (edited)

Oh my gosh, I wonder what will happen to them after this incident. This is the reason why I prefer typing my credit card details all over again whenever I purchase anything from an airplane ticket or any random stuff all over the internet. 

Edited by joynhappiness

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.