London (Cyclone Times) – British airways faces it rough, apologizes after realizing on Wednesday that over 380,000 customers’ payments data had been compromised in a period of two weeks.
It is alleged that the attack, which caused credit card details of hundreds of thousands of its customers being stolen penetrated through BA’s website (ba.com) and the mobile app.
British Airways launched an “urgent” investigation and notified police after confirming their data systems breach.
We are investigating the theft of customer data from our website and our mobile app, as a matter of urgency. For more information, please click the following link:https://t.co/2dMgjw1p4r
— British Airways (@British_Airways) September 6, 2018
It was realized on Wednesday that bookings transacted between Aug. 21 and Sept. 5 had been tress passed in a “very sophisticated, malicious criminal” attack, BA Chairman and Chief Executive Alex Cruz said.
“We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers’ data very seriously.” He added.
Unconfirmed sources allege that, hackers obtained names, street and email addresses, credit card numbers, expiry dates and security codes, which is a sufficient information to steal from customers’ accounts.
Customers raised concerns that the airline had not contacted them directly to tell them about the hack.
However, British Airways says, we contacted affected customers as soon as we found out that data from our website and mobile app had been breached, the boss said on Friday.
“The moment we found out that actual customer data had been compromised that’s when we began an all-out immediate communication to our customers, that was the priority,” Alex Cruz, told BBC radio, and pledged that, any customers who lose out financially will be compensated by the airline.
— Al Arabiya English (@AlArabiya_Eng) September 7, 2018
Stephanie Jowers, from New York, said, she contacted the airline just hours before the hack was announced on Twitter with concerns about charges on her account, but was not informed that it could have been compromised.
— Stephanie Jowers (@stephaniejowers) September 6, 2018
It was learned that some of the affected customers are not really well informed on the exact data hooked up by the hacker(s) as Lesley Ironmonger replied to BA’s announcement tweet, “I received the standard email this morning. It doesn’t state which personal data has been compromised. Surely we should be told!! We are trusting you with our personal data when we choose to fly with you!! Very worried!”
Customers argue that, the email communication couldn’t have contained fewer details or less advice.
No-one to talk to BA when this broke last night. Website suggests only new bookings impacted, however email today from BA goes further highlighting amendments to existing bookings also impacted. Website still not updated.
— Bernadette Smith (@smith_mbsmith) September 7, 2018
“If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, you must also inform those individuals without undue delay,” according to guidelines from the Information Commissioner’s Office (ICO), the independent regulator that upholds information rights in Britain.
The government is aware of a cyber-attack affecting British Airways customers and authorities are working to better understand the incident, Prime Minister Theresa May’s spokeswoman said on Friday. Reuters reported.
Data security expert Trevor Reschke said that like any website which sees large volumes of card transactions, British Airways was a ripe target for hackers.
“It is now a race between British Airways and the criminal underground,” said Reschke, head of threat intelligence at Trusted Knight.
“One will be figuring out which cards have been compromised and alerting victims, whilst the other will be trying to abuse them while they are still fresh.”
After the computer system failure in May 2017, BA said it would take steps to ensure such an incident never happened again, but in July it was forced to cancel and delay flights out of the same airport due to problems with a supplier’s IT systems.
Rob Burgess, editor of UK frequent flyer website www.headforpoints.com, said: “Data breaches are part and parcel of the world we now live in, and criminal activity is getting ever more sophisticated. Unfortunately, this is likely to be another PR disaster for British Airways, especially as it includes tickets bought in their September sale which is being widely promoted at the moment.The Telegraph sourced.
7,702 total views, 2 views today