Last month, we heard of a shocking data breach at British Airways that affected thousands of customers. The hackers allegedly stole sensitive information of airline customers including the payment card details. At that time, the airline mentioned a count of 380,000 customers affected by the breach. However, the British Airways hack update adds another 185,000 users to the affectees losing payment card data, making the breach worse than we initially speculated.
British Airways Hack Update Increased Affected Customers Count
The British Airways hack update released Thursday brought no good news to airline customers. In fact, it made the facts worst than previously thought. As stated by the airline in their media release, the investigations showed an increased number of customers affected in the breach.
The investigation has shown the hackers may have stolen additional personal data and we are notifying the holders of 77,000 payment cards, not previously notified, that the name, billing address, email address, card payment information, including card number, expiry date, and CVV have potentially been compromised, and a further 108,000 without CVV.
These affected customers are only those who interacted with British Airways for making reward bookings between the dates April 21, 2018, and July 28, 2018.
Initially, they claimed the total number of affectees were 380,000. However, they continued investigating the matter in collaboration with the National Crime Agency and other forensic investigators.
The Number Of Initial Affectees Lowered
Although, the investigation has added up to the list of airline customers affected during the breach. Nonetheless, it also removes some from the initial speculations. According to the BA media release,
In addition, from the investigation, we know that fewer of the customers we originally announced were impacted. Of the 380,000 payment card details announced, 244,000 were affected. Crucially, we have had no verified cases of fraud.
BA pledges to reimburse any affectees suffering financial losses due to this incident. They also offer credit rating monitoring to the affected individuals.
Shortly after the airline disclosed the breach, researchers from RiskIQ discovered the hackers behind the incident. They found them to be the same MageCart Group that has an infamous history of targeting various e-commerce businesses to pilfer payment details.