13th Sep 2018
The card details of 380,000 British Airways (BA) customers were stolen in a data security breach between 21 August and 5 September.
According to BA boss Alex Cruz, a “sophisticated, malicious criminal attack” on the company’s website was the cause of the breach, although the airline said that the compromised data did not include travel or passport information.
Affected customers have been advised to contact their card providers, given that those responsible acquired data that could be used to hack into customers’ credit cards.
Cruz said: “We know the information that has been stolen is name, address, email address and credit card information – credit card number, expiration and the three-letter code on the back of the card.
“No itinerary information, no frequent flyer data, no passport data has been compromised.”
Claims are also likely to hit the airline from those customers who have suffered financial fraud.
It also faces a potential fine from the Information Commissioner’s Office, given that Talk Talk was slapped with a record £400,000 fine in 2015 after a cyber security attack that affected 156,959 people, fewer than half as many customers as the number who had data compromised in the BA breach.
In the aftermath of the news, shares in International Airlines Group, the airline’s owner, fell by more than 4% when trading opened on Friday 7 September.