Hackers attacked the airline British Airways: stolen data 380,000 customer bank cards

    Image: Riik @ mctr | CC BY-SA 2.0

    British Airways has confirmed that it has become a victim of cyber attacks. The attackers managed to gain access to personal data of customers and seize information about 380,000 bank cards.

    What happened

    According to the company, the victims of the attack were users who purchased tickets through ba.com and British Airways mobile apps from August 21 to September 5.

    In its Twitter, the airline reported that in addition to billing information, attackers gained access to personal data, including customer names and addresses. At the same time, they failed to take possession of passport numbers or information about the flights booked.

    Despite the fact that the published statement did not contain information on the number of victims, the representative of British Airways in a conversation with the media confirmed that it was about 380 thousand compromised bank cards.

    What is the reason for the attack

    At the moment it is not fully understood what caused the hacking. However, some media have already written that the attack was discovered when "an outside organization discovered unusual activity" and informed the airline about it.

    A spokesman for British Airways said that in this case it’s about “data theft, not data leakage”. This allowed journalists to suggest that the theft was committed by company employees who had access to important information. According to the company, at the moment the cyber attack is reflected, and all systems are operating normally.

    At the end of August 2018, another airline, Air Canada, fell victim to cyber attack. Then, along with personal data were stolenpassport numbers of passengers and information about their flights. The victims of the attack were 20 thousand people.

    The time of lone hackers who hack into corporate networks of financial companies and government agencies is passing. Today, a cyber attack organizer does not have to have the technical skills to develop malware and hack computer systems. He can find the necessary tools and mercenaries at specialized trading platforms in a darkweb.

    As part of the research activities of Positive Technologies in the field of information security, we analyzed in detail the market for criminal cyberservices and tried to assess whether a cybercriminal needed a wide range of specialized knowledge, or to launch an attack, it’s enough to turn to representatives of the shadow market.

    On Thursday, September 20, at 14:00 , during a free webinar, Positive Technologies analyst Vadim Soloviev will tell you how much a cyber attack organization costs, what products and services are used during the preparation phase and during the attack, as well as examples of real punishments. The webinar will be of interest to everyone who is involved in the field of information security.

    To participate in the webinar you need to register .

    Also popular now: