BA Says 185,000 More Customers Affected By Data Breach

October 25, 2018

Bookmark and Share

British Airways says it has identified another 185,000 customers who may have had their credit card information stolen in a data breach earlier this year.

​BA Says 185,000 More Customers Affected By Data Breach

In an update to information provided on a separate data breach that lasted over a two week period at the end of September, BA said hackers may have stolen additional personal data in an attack between April 21 and July 2 this year.

The airline said it had been working with specialist cyber forensic investigators and the UK National Crime Agency to investigate September’s data breach when it discovered that more customers were the victims of the sophisticated attacks.

Passengers affected by the newly discovered attack are limited to those making reward bookings between April 21 and July 28, 2018, and who used a payment card.

BA said it was notifying the owners of 77,000 payment cards, not previously contacted, who may have had personal information stolen. Their name, billing address, email address, card payment information, including card number, expiry date and CVV have all been potentially compromised.

A further 108,000 cards without CVV information are also potentially at risk.

“While we do not have conclusive evidence that the data was removed from British Airways’ systems, we are taking a prudent approach in notifying potentially affected customers, advising them to contact their bank or card provider as a precaution,” an airline statement said. “Customers who are not contacted by British Airways by Friday 26 October at 1700 GMT do not need to take any action.”

In slightly better news, British Airways said that fewer people potentially affected by the September breach have been impacted. Of the 380,000 payment card details originally thought to have been stolen, 244,000 were actually affected.

BA said it had no verified cases of fraud as a result of that breach.

The International Airlines Group subsidiary apologised that the criminal activity had occurred and said they will reimburse any customers who have suffered financial loss as a direct result of the data theft.

BA will also offer credit rating monitoring to customers who are concerned about an impact to their credit rating.