The United Kingdom’s largest airline British Airways announced that it was probing a massive theft of customer data in which the personal and financial information involving 380,000 transactions was “compromised” between August 21 and September 5, Reuters reported. The stolen data, the airline said, did not include travel or passport details.
In a statement released late on Thursday, British Airways said the affected customers included those who made bookings between August 21, 2018 and September 5, 2018. The airline added that it has notified the police and concerned authorities and was investigating the case as a “matter of urgency”.
“From 22:58 BST (British Summer Time) August 21 2018 until 21:45 BST September 5, 2018 inclusive, the personal and financial details of customers making bookings on our website and app were compromised. The breach has been resolved and our website is working normally. We have notified the police and relevant authorities,” the statement said.
We are investigating the theft of customer data from our website and our mobile app, as a matter of urgency. For more information, please click the following link:https://t.co/2dMgjw1p4r
— British Airways (@British_Airways) September 6, 2018
It added, “The personal and financial details of customers making bookings on ba.com and the airline’s mobile app were compromised. No passport or travel details were stolen.”
Issuing a list of guidelines to assist those affected, the airline said bank and credit card providers must be contacted immediately for further advice. “We will be contacting affected customers directly to advise them of what has happened and are advising them to contact their banks or credit card providers and follow their recommended advice,” the airline said.
The airline also said online check-ins will continue as usual as all systems have resumed functioning normally. It added that no future bookings will be affected. Executive club accounts were also not affected, it said.
Assuring compensation to each of the affected customers, the airline offered to pay for the credit checking service. “Every customer affected will be fully reimbursed and we will pay for a credit checking service. We take the protection of our customers’ data seriously and are very sorry for the concern that this criminal activity has caused. We will continue to keep our customers updated with the very latest information. We will be contacting customers and will manage any claims on an individual basis,” British Airways said.
Expressing regret over the data breach, the airline said, “We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers’ data very seriously.”
“We are investigating, as a matter of urgency, the theft of customer data from our website and our mobile app. The stolen data did not include travel or passport details,” it added.
The airline also cautioned its customers against password theft and urged them to choose a unique one which is not used for any other online account.