British Airways website hack exposed customer financial data

Larry Hoffman
September 8, 2018

A British Airways Gold member based in Milan said there had been fraudulent activity on his American Express credit card, which he used to book a British Airways flight two weeks ago.

British Airways customers are having to cancel their credit cards after the airline suffered a 15-day data breach, compromising some 380,000 card payments.

BA has notified its customers and advised them to contact their bank or card providers.

"We take the protection of our customers' data very seriously", said Alex Cruz, British Airways' Chairman and Chief Executive.

The airline had launched an investigation and was communicating with affected customers. The criminal breach is presumed to have put at risk the financial and personal details of around 380,000 clients.

Customers who made bookings on the website had their personal and financial information compromised between August 31 and September 5.

Parent company IAG says that the situation is now under control and that the website and app are functioning normally.

The online theft saw details stolen including name, email address and credit card information, including the CVV code. Well, that's not for BA to say, of course.

The airline said the problem was down to an incident with an IT system.

The airline apologised for the “disruption that this criminal activity has caused”.

In terms of compensation, BA said they would be in touch with customers "and will manage any claims on an individual basis".

It said customers due to travel could check in online as normal, as the incident had been resolved.

Cruz said the hack was not a breach of the airline's encryption. The airline said it would compensate passengers for any losses, signalling the potential for large payouts, given the number of customers affected.

She said a lack of communication between BA and American Express meant she had to wait hours for her card to be cancelled.

Which? said it was "vital" BA moved quickly to ensure affected customers get clear information and what steps they need to take to protect themselves.

Other reports by

Discuss This Article