The UK’s national airline carrier has announced it was the victim of a data breach wherein the “personal and financial details” of customers were stolen by hackers.
The airline said the hack went along for nearly two weeks between August 21 and September 5 wherein 380,000 payment cards have been compromised, the Telegraph reported. Customers who used their cards through ba.com or the airline’s mobile app are affected and were urged to contact credit card providers and banks.
British Airways chairman and chief executive Alex Cruz said:
We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers’ data very seriously.
We are investigating the theft of customer data from our website and our mobile app, as a matter of urgency. For more information, please click the following link:https://t.co/2dMgjw1p4r
— British Airways (@British_Airways) September 6, 2018
The airline insists that travel or passport details have not been compromised, meaning the data breach could have been a lot worse.
“The personal and financial details of customers making bookings on ba.com and the airline’s mobile app were compromised,” the airline’s press release said. “No passport or travel details were stolen.”
The airline operator also said it will reach out to all impacted customers “to say sorry”.
The UK’s National Crime Agency said: “We are aware of reports of a data breach affecting British Airways and are working with partners to assess the best course of action.”
The data breach is yet another major embarrassment for British Airways. Last year, the airline suffered an IT outage when a power surge in its control center threw off global flight schedules leaving tens of thousands of passengers stranded, most of them in Heathrow and London airports.
British Airways’ disclosure also comes under the newly-enforced GDPR rules wherein companies in Europe are required to notify regulators within 72 hours of being made aware of a data breach.
Image credit: Pexels.