More than half a million British Airways customers are now believed to have had their personal data stolen as a result of a security breach last month.
The airline says the total number of passengers affected is much higher than the 380,000 it initially announced. It says an additional 185,000 customers’ payment card information and personal details were compromised as part of the IT breach.
In a statement, the company said around 77,000 of those customers, who hadn’t previously been notified, potentially had their name, billing address, card number, expiry data and security code compromised. The follow-up investigation conducted by the airline revealed that another 108,000 were potentially stolen, but those were lacking the all-important CVV number.
Read more: Internet security guide
Here’s what the company has to say for itself (via The Register): “The investigation has shown the hackers may have stolen additional personal data and British Airways is notifying the holders of 77,000 payment cards, not previously notified, that the name, billing address, email address, card payment information, including card number, expiry date and CVV have potentially been compromised, and a further 108,000 without CVV.
“The potentially impacted customers were only those making reward bookings between April 21 and July 28, 2018, and who used a payment card.”
Back in September, one of our writers revealed he was affected by the hack and had to go through the process of cancelling their card. The customer assistant at their bank told them that there were “a hundred” customers waiting in line on the phone, and that they expected all of them were calling for the same reason.
Initially, BA claimed the breach only affected those who booked online or via the app from August 21 at 22:58 BST to September 5 at 21:45 BST. The company advised those customers to notify their banks and change their British Airways account password.
Were you affected by the BA breach? What correspondence have you received from the airline? Drop us a line @TrustedReviews on Twitter.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.