TravelMole
Breaking

BA hit by 'sophisticated, malicious' security hack

Friday, 7 September 20183 min read
BA hit by 'sophisticated, malicious' security hack

British Airways has launched an urgent investigation after it was hit by a major security breach.

Personal and financial data of nearly 400,000 customers was stolen from its website and mobile app, although BA stressed the data did not include travel or passport details.

The breach happened between August 21 and September 5 inclusive and targeted customers making bookings or changes to their bookings.

BA assured customers the breach has now been resolved and its website is working normally.

It has also notified the police and relevant authorities.

Chairman and chief executive Alex Cruz said: "We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers’ data very seriously."

Customers who believe they have been affected should contact their bank or credit card provider and follow their recommended advice.

BA said it is contacting affected customers directly to advise them of what has happened and says they will be fully reimbursed for a credit checking service.

It is also advising passengers to reset their passwords for its website and to choose a unique password not used on other online accounts.

Speaking to BBC Breakfast, Cruz said it was a ‘sophisticated, malicious criminal attack’.

He said it had been alerted to the attack by a ‘partner’.

The airline has taken out adverts apologising for the breach in today’s newspapers.

But some customers have complained that they have not been contacted by the airline and have only found out about the breach through the media.

Paul Farrington, head of EMEA at app security company CA Veracode, said it was shocking that it took 16 days to detect the breach.

He said IT issues are not only affecting BA but the wider airline industry.

"As airlines become ever more dependent on software, this creates a greater surface for hackers to attack and so it is no surprise that breaches of this scale are becoming commonplace," he said.

Shares in BA parent IAG were down almost 3% this morning.

Fiona Cincotta, senior market analyst at City Index, said the company was grappling with the aftermath.

"BA said that the attack was a sophisticated breach of its security system but this is the last in a series of IT problems the company has had this year including IT issues which caused flights in and out of Heathrow airport to be cancelled only six weeks ago," she said.