British Airways has said that cyber criminals had stolen the credit card and personal details of 380,000 customers.
Image: British Airways’ flight. Photo: Courtesy of British Airways.
As per British Airways, details of customers including personal and financial details, were stolen between 21 August until 5 September, this year.
The airlines has also confirmed that data related to passport and travel details were not stolen.
It is estimated that data related to card payments of nearly 380,000 has been compromised.
The airline said the breach has been resolved and the website is now working normally. When a customer makes a transaction on the airlines’ website, all the details such as the name, address, debit or credit card number, Card Verification Value (CVV) on the back of the card were recorded. With this hack all such details were at risk.
With this information at hand, criminals can resort to cloning of cards, online purchases, or could even sell these details to other criminals.
British Airways stated that it is communicating with its customers to contact their banks or credit card providers and to follow their recommended procedure.
According to British Airways, it was not breach of airline’s encryption. But, there were other sophisticated methods and efforts by criminals in obtaining its data. Some experts believe that the hackers carried out an online version of card ‘skimming’ by copying data as it entered into the system during the purchasing process, the Guardian reported.
The company has also agreed to compensate customers any financial loss that has been suffered by its customers.
The data breach was identified by a third party, which informed British Airways about some unusual activity during the mentioned dates, the Independent reported.
British Airways said: “The airline has guaranteed that financial losses suffered by customers directly because of the theft of this data from British Airways will be reimbursed.”