/

What happened in the British Airways data breach?

What happened in the British Airways data breach?

Twingate Team

May 24, 2024

In September 2018, British Airways experienced a data breach that compromised the personal and financial information of customers who made bookings during a two-week period over the summer. The breach occurred on the airline's website and mobile app, affecting a significant number of users. This incident highlighted the importance of robust security measures to protect sensitive customer data.

How many accounts were compromised?

The breach impacted data related to approximately 380,000 individuals.

What data was leaked?

The data exposed in the breach included customers' names, email addresses, home addresses, phone numbers, passport information, travel details, and full payment card details, including the CVV security code.

How was British Airways hacked?

The attackers gained access to British Airways' network using compromised credentials from an employee of a third-party cargo handler, Swissport. Initially restricted to a Citrix environment, the hackers broke out and escalated their privileges after discovering an unsecured administrator password in plaintext. They then modified BA's systems to harvest customer details as they were input, redirecting users to a bogus website designed to skim payment information before sending them back to BA's site.

British Airways's solution

In response to the data breach, British Airways acted swiftly to secure their platform and prevent future incidents. They investigated the theft of customer data as a matter of urgency, reported the theft to the authorities, and contacted all affected customers to apologize and provide updates. While specific enhanced security measures were not detailed, customers were advised to contact their bank or credit card provider and follow their advice if they believed they may have been affected. Additionally, customers were warned to be aware of potential phishing attempts by fraudsters claiming to be British Airways and not to provide payment card details in response to such requests.

How do I know if I was affected?

British Airways did reach out to affected users following the data breach. If you were a British Airways customer during the affected period and did not receive a notification, you can visit Have I Been Pwned to check if your credentials were compromised in this or any other data breach.

What should affected users do?

In general, affected users should:

  1. Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

  2. Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  3. Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and any other important online accounts to significantly reduce the risk of unauthorized access.

  4. Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it to the appropriate authorities or companies immediately.

For more specific help and instructions related to British Airways's data breach, please contact British Airways Support directly.

Where can I go to learn more?

If you want to find more information on the British Airways data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

What happened in the British Airways data breach?

What happened in the British Airways data breach?

Twingate Team

May 24, 2024

In September 2018, British Airways experienced a data breach that compromised the personal and financial information of customers who made bookings during a two-week period over the summer. The breach occurred on the airline's website and mobile app, affecting a significant number of users. This incident highlighted the importance of robust security measures to protect sensitive customer data.

How many accounts were compromised?

The breach impacted data related to approximately 380,000 individuals.

What data was leaked?

The data exposed in the breach included customers' names, email addresses, home addresses, phone numbers, passport information, travel details, and full payment card details, including the CVV security code.

How was British Airways hacked?

The attackers gained access to British Airways' network using compromised credentials from an employee of a third-party cargo handler, Swissport. Initially restricted to a Citrix environment, the hackers broke out and escalated their privileges after discovering an unsecured administrator password in plaintext. They then modified BA's systems to harvest customer details as they were input, redirecting users to a bogus website designed to skim payment information before sending them back to BA's site.

British Airways's solution

In response to the data breach, British Airways acted swiftly to secure their platform and prevent future incidents. They investigated the theft of customer data as a matter of urgency, reported the theft to the authorities, and contacted all affected customers to apologize and provide updates. While specific enhanced security measures were not detailed, customers were advised to contact their bank or credit card provider and follow their advice if they believed they may have been affected. Additionally, customers were warned to be aware of potential phishing attempts by fraudsters claiming to be British Airways and not to provide payment card details in response to such requests.

How do I know if I was affected?

British Airways did reach out to affected users following the data breach. If you were a British Airways customer during the affected period and did not receive a notification, you can visit Have I Been Pwned to check if your credentials were compromised in this or any other data breach.

What should affected users do?

In general, affected users should:

  1. Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

  2. Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  3. Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and any other important online accounts to significantly reduce the risk of unauthorized access.

  4. Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it to the appropriate authorities or companies immediately.

For more specific help and instructions related to British Airways's data breach, please contact British Airways Support directly.

Where can I go to learn more?

If you want to find more information on the British Airways data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

What happened in the British Airways data breach?

Twingate Team

May 24, 2024

In September 2018, British Airways experienced a data breach that compromised the personal and financial information of customers who made bookings during a two-week period over the summer. The breach occurred on the airline's website and mobile app, affecting a significant number of users. This incident highlighted the importance of robust security measures to protect sensitive customer data.

How many accounts were compromised?

The breach impacted data related to approximately 380,000 individuals.

What data was leaked?

The data exposed in the breach included customers' names, email addresses, home addresses, phone numbers, passport information, travel details, and full payment card details, including the CVV security code.

How was British Airways hacked?

The attackers gained access to British Airways' network using compromised credentials from an employee of a third-party cargo handler, Swissport. Initially restricted to a Citrix environment, the hackers broke out and escalated their privileges after discovering an unsecured administrator password in plaintext. They then modified BA's systems to harvest customer details as they were input, redirecting users to a bogus website designed to skim payment information before sending them back to BA's site.

British Airways's solution

In response to the data breach, British Airways acted swiftly to secure their platform and prevent future incidents. They investigated the theft of customer data as a matter of urgency, reported the theft to the authorities, and contacted all affected customers to apologize and provide updates. While specific enhanced security measures were not detailed, customers were advised to contact their bank or credit card provider and follow their advice if they believed they may have been affected. Additionally, customers were warned to be aware of potential phishing attempts by fraudsters claiming to be British Airways and not to provide payment card details in response to such requests.

How do I know if I was affected?

British Airways did reach out to affected users following the data breach. If you were a British Airways customer during the affected period and did not receive a notification, you can visit Have I Been Pwned to check if your credentials were compromised in this or any other data breach.

What should affected users do?

In general, affected users should:

  1. Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

  2. Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  3. Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and any other important online accounts to significantly reduce the risk of unauthorized access.

  4. Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it to the appropriate authorities or companies immediately.

For more specific help and instructions related to British Airways's data breach, please contact British Airways Support directly.

Where can I go to learn more?

If you want to find more information on the British Airways data breach, check out the following news articles: