Have you used the British Airways website recently?
Debit and credit card details may have been stolen from over 185,000 customers after the British Airways website was hacked yet again.
It is estimated 77,000 had their name, address, email address and detailed payment information taken and 108,000 people lost personal details.
This comes after a previous breach of its website earlier this year affecting 380,000 transactions, where passenger names and home addresses were compromised, as well as financial information, including debit and credit card numbers, expiry dates and CVV codes. In this instance, malicious code designed to ‘skim’ financial data was injected into the British Airways website without being detected.
All websites are based on code, it determines the functionality along with the overall design, but malicious code can be injected instead. It is common for websites to embed multiple pieces of code from other sources or third-party suppliers and hackers can exploit this vulnerability.
Both attacks were carried out by the same perpetrators.
British Airways will be contacting the customers affected by this to inform them if their details have been stolen.
Unfortunately British Airways are not the only company to experience this type of cyber attack and they are on the rise.
Once cyber criminals have personal data it can be used to access bank and credit card accounts to make fraudulent purchases. Stolen data may also be sold using the Dark Web.
Some security experts suggest that it’s likely the data stolen by the British Airways hackers is already available for sale on the dark web.
There will be an investigation by the UK’s National Crime Agency and the Information Commissioner’s Office.
You can check if your personal data has been compromised by data breaches by using https://haveibeenpwned.com/