window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'UA-20840989-1');

WARNING

We've detected that you're using Internet Explorer which is an old, insecure browser and incompatible with many modern features.
Our Customer Portal is not available for Internet Explorer users and we recommend using Chrome, Firefox or other modern browsers for best user experience and full functionality.

BA data breach is stark reminder

A massive breach of security at British Airways, which compromised 380,000 card payments, shows that organisations of all sizes are vulnerable to cyberattacks if their security is flawed.

CNC

The theft of credit card numbers, expiry dates, street and email addresses and other personal data follows hot-on-the-heels of BA’s meltdown last year.

BA’s chief executive said the company soon discovered that bookings made between the 21st of August and 5th of September had been infiltrated by a very sophisticated, malicious criminal attack and customers were notified as soon as the breach became known.

But BA remains tight-lipped about how so much personal data was stolen – although it has assured customers that its encryption was not compromised.

The National Crime Agency is now working with BA to try and discover how the data breach occurred. Security company Avast has already suggested that the attackers targeted a gateway between the airline and the payment processor because no travel details were stolen.

Regular audits

Gary Jowett, from Computer & Network Consultants in Brighton, said: “After last year’s chaos for BA’s customers, this latest incident may further damage BA’s brand and impact its profits in the longer term. It’s yet more evidence of the need to frequently test out every entry point into your IT systems to ensure there isn’t a flaw. Such a weak point in the infrastructure clearly occurred in this instance which highlights the need to do regular audits and security tests such as public-facing applications which hackers will target until they find some piece of code which can be exploited for malicious purposes.”

The airline says no customer lost money as a result of the data breach but every individual customer affected immediately became a much more attractive target for future attacks.

Gary added: “The data stolen is now available for re-use or re-sale to a third party, so any business travellers affected and all other BA customers should make sure they’ve cancelled all pertinent cards and should consider changing email addresses, passwords and any other sensitive data.”

Newsletter Archives

By |2019-02-01T08:18:53+00:0014th October 2018|Security|Comments Off on BA data breach is stark reminder

About the Author:

We use cookies to ensure that we give you the best experience on our website. We also use cookies to ensure we show you advertising that is relevant to you. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the CNC website. However, if you'd like to find out more please visit our Legal and Privacy policy page. Accept