British Airways recently announced a second data breach that affected over 185,000 customers. In its latest statement, the company announced that its payment website was compromised, affecting customers who made reward bookings between April 21 and July 28, 2018, using a payment card.
The British Airways discovered the incident while investigating on its previous breach that occurred in September 2018, which affected 380,000 transactions.
Of the 185,000 affected customers, the airlines stated that personal information of 77,000 customers was exposed, including name, billing address, email address, card number, expiry date, and CVV. And, the remaining 108,000 customers lost personal details apart from the CVV number.
British Airways is communicating with affected customers and requesting them to reach out to their respective banks or credit card providers and follow their recommended advice.
The airline made an announcement regarding the first breach on September 6, 2018. It notified its customers that “From 22:58 BST August 21, 2018 until 21:45 BST September 5, 2018 inclusive, the personal and financial details of customers making or changing bookings on our website and app were compromised.” Around 380,000 payment-card details were stolen during the period. The airline has notified the police and investigations are underway. The airlines also assured that it will compensate for all the losses to its customers.
Recently, a research report stated that a hacker group dubbed Magecart were responsible for the data breach on British Airways. According to the security researcher Yonathan Klijnsma from cybersecurity company RiskIQ, the attackers allegedly used a skimming script, a malicious code, designed to steal the data from the British Airways website.
“This particular skimmer is very much attuned to how British Airway’s payment page is set up, which tells us that the attackers carefully considered how to target this site instead of blindly injecting the regular Magecart skimmer,” the researcher wrote in a report. “The infrastructure used in this attack was set up with British Airways in mind and purposely targeted scripts that would blend in with normal payment processing to avoid detection.”