Earlier this week British Airways admitted to a sad occurrence that happened somewhat similar to the Air Canada data breach. According to their report, unknown attackers successfully stole a large chunk of customer data from the airline’s app. Data of 380,000 customers that includes payment card details were taken successfully. Since fixing the case of British Airways data breach, the officials have apologized to their customers by offering compensation to the victims suffering possible financial losses.
On September 6, 2018, British Airways tweeted on their official Twitter account stating that they’re ‘investigating the theft of customer data.’ Sharing the link of the official notice on their website.
According to what Mr. Alex Cruz said to the BBC, the airline was assaulted by malicious cyber attacks that allow the attackers to steal customers’ data. As mentioned on their website, Customers who visited BA between August 21, 2018, and September 5, 2018, regarding new bookings, or changing the previous ones has suffered from the recent British Airways data breach the count of victims reportedly reached up to 380,000 customers.
After determining the extent of the breach, they began contacting the customers affected by the hacking of data. Good news is that BA has pledged to compensate for any potential financial losses to the customers. Mr. Cruz informed,
“We are dedicated to working with any customer who may have been financially suffered by this data breach, and we will pay compensation to them for any financial hardship that they may have suffered.”
How did it happen?
Regarding the breach of data, no official information has been disclosed by BA. But few experts have analyzed the incident.
Stephen Gailey, Solutions Architect at Exabeam and former Head of Security at Barclays, told it looks like only cards used to make a booking – rather than those stored on BA’s systems – were compromised, suggesting the hackers intercepted transactions rather than targeting a database of stored credit card details.”
Luke Brown, VP EMEA at WinMagic, Interprets the incident as the failure of the airline to encrypt the data correctly.