British Airways, who describes itself as “The World’s Favorite Airline,” has confirmed a data breach that exposed personal details and credit-card numbers of up to 380,000 customers and lasted for more than two weeks.
The airline advised customers who made bookings during that 15 days period and believe they may have been affected by this incident to “contact their banks or credit card providers and follow their recommended advice.”
The company also said that saved cards on its website and mobile app are not compromised in the breach. Only cards that have been used by users to make booking payments during the affected period are stolen.
https://thehackernews.com/2018/09/british-airways-data-breach.html
Brock Donnelly says
Having just purchased plain tickets this title sent me for a quick heartbeat flutter. Good thing I am not going to Britain.
The airline advised customers who made bookings during that 15 days period and believe they may have been affected by this incident to “contact their banks or credit card providers and follow their recommended advice.”
…in other words, we are not responsible for our weak security, don’t bother us, good luck suing.
This is just another representation of a corporation not being held responsible for their negligence and causing customer damage.
It took a third parties notification for BA to be aware of the data loss. There was no detection on BA’s side. As of this report, the authors are stating that this is actually data theft and not a data breach which we hear all too regularly. Data breaches seem to be a large part of the credit card processing cybersecurity headlines. Since this is looking to be an internal data theft issue, British Airways should have had considerable measures in place for this kind of prevention.