A massive British Airways hack has compromised the card details of anyone who’s book a flight with the airline over the past fortnight. If that’s you, then there are some steps you need to take immediately.
The firm has advised those who booked online or via the app from August 21 at 22:58 BST to September 5 at 21:45 BST to notify their banks and change their British Airways account password.
Read more: Internet security guide
Contacting your bank to cancel the card you used with British Airways should be your top priority. The BBC’s Rory Cellan-Jones has reported that stolen information includes card numbers, expiry dates and CVC digits, which suggests that the attackers have enough information to be able to use your card to commit fraud.
Card information stolen from BA includes number, expiry date and CVC code – enough to commit fraud
— Rory Cellan-Jones (@ruskin147) September 7, 2018
One of our writers was affected by the hack and had to go through the process of cancelling their card. The customer assistant at their bank told them that there were “a hundred” customers waiting in line on the phone, and that they expected all of them were calling for the same reason.
But with 380,000 customers estimated to have been affected by the hack, that’s not exactly surprising.
No travel or passport details were stolen, the airline promises. It also says the breach has been resolved and the website is now working normally.
“We are deeply sorry for the disruption that this criminal activity has caused,” the company said in a blog post. “We take the protection of our customers’ data very seriously.”
We are investigating the theft of customer data from our website and our mobile app, as a matter of urgency. For more information, please click the following link:https://t.co/2dMgjw1p4r
— British Airways (@British_Airways) September 6, 2018
The firm says all current and future flights are unaffected by the breach, with customers able to check in for their trips as normal. In order to carry out the recommended BA.com password change, hit the Forgotten Pin/Password link in the top right-hand corner of the company’s homepage.
BA is promising more information on the breach via the blog post.
In terms of potential compensation for affected users, the company writes: “We will continue to keep our customers updated with the very latest information. We will be contacting customers and will manage any claims on an individual basis.”
Have you been affected by the BA hack? Drop us a line @TrustedReviews on Twitter.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.