British Airways breach sees hackers take-off with customers' payment details

British Airways said his behaviour was

Image British Airways is owned by International Airlines Group

British Airways customers have shared their anger at the airline's "bizarre" handling of a data breach which compromised around 380,000 card payments over a 15-day period.

Any claims from customers impacted by the breach will be managed on a case-by-case basis, British Airways explains on its data theft incident report website (link below). To have your customers' financial information stolen by unidentified hackers.

The personal and financial details of people who booked flights on the airline's website and app between August 21 and September 5 were affected.

Parent company IAG says that the situation is now under control and that the website and app are functioning normally. Luckily, customer travel plans and passport numbers were not affected.

"The moment we found out that actual customer details had been compromised, that is when we began an all-out immediate communication to our customers, that was the priority", he said.

The airline was hit by a "very sophisticated malicious criminal attack" on its website and app between 21 August and 5 September. "The first thing to say is that I am extremely sorry for what happened", Cruz said on the BBC Radio 4 Today programme.

The customer, who preferred not to give his name to prevent any further activity, said: "I'm astonished".

NatWest, one of Britain's biggest card issuers, said it was receiving higher-than-usual call volumes because of the breach.

"Anyone concerned they could be at risk of fraud should consider changing their online passwords, monitor bank and other online accounts and be wary of emails regarding the breach as scammers may try and take advantage of it".

The airline has yet to confirm if affected customers will be compensated. Paul Lipman, chief executive of cybersecurity company Bullguard, said customers' credit data was "almost certainly up for sale on the dark web as we speak".

"Typically, we're lucky to get a date range of less than six months to a year, which makes a potential victim's response to any threat hard", said Boyd.

Latest News