British Airways website and mobile app Hacked. Personal Data stolen.
British Aiways today, via Twitter, Facebook, and their website, has confirmed that their website was breached and the personal data of people using the site has been compromised.
From British Airways:
We are investigating, as a matter of urgency, the theft of customer data from our website and our mobile app. The stolen data did not include travel or passport details.
From 22:58 BST August 21 2018 until 21:45 BST September 5 2018 inclusive, the personal and financial details of customers making bookings on our website and app were compromised.
The breach has been resolved and our website is working normally. We have notified the police and relevant authorities.
We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers’ data very seriously.
What to do if you have been affected
If you believe you have been affected by this incident, then please contact your bank or credit card provider and follow their recommended advice. Please check back here for further updates, we will be updating this page.
Yikes, so it looks like the financial information of people who were making bookings was likely
stolen “compromised” and you should double check with your bank or credit card to make sure that nothing fishy is going on. Three very important question showed up in the FAQ part of the website.
How do I know if I have been affected?
This relates to customer bookings made from 22:58 BST August 21 2018 to 21:45 September 5 2018 inclusive. We will be contacting affected customers directly to advise them of what has happened and are advising them to contact their banks or credit card providers and follow their recommended advice.
Will there be any compensation?
We take the protection of our customers’ data seriously, and are very sorry for the concern that this criminal activity has caused. We will continue to keep our customers updated with the very latest information. We will be contacting customers and will manage any claims on an individual basis.
What data has been lost?
The personal and financial details of customers making bookings on ba.com and the airline’s mobile app were compromised. No passport or travel details were stolen.
Will there be compensation? Interesting how they say that we take it seriously blah blah and we’ll manage claims on an individual basis. As someone who used to work in finance, I also take these situations very seriously. I get that there’s not much you can do, but if you do see unauthorized charges on your card, make sure to report them at the earliest convenience. You won’t be liable for any authorized charges (at least you shouldn’t be) as long as you report them in a timely manner.