• The breach occurred between August 21 and September 5, 2018, the airline said.
  • About 380,000 payment cards were compromised in the attack.

British Airways announced that a data breach that may have exposed the personal and financial details of hundreds of thousands customers. Users who made a booking on the airline’s website or mobile application were likely affected by the breach.

The airline said that the breach occurred between August 21 and September 5 this year, during which at least 380,000 payment cards were compromised. During the two week span, cybercriminals managed to gain access to customers’ personal and financial data. However, British Airways said that no passports or travel details were stolen by the attackers.

The airline said that it will be contacting affected customers as part of its breach notification process.

“We are investigating, as a matter of urgency, the theft of customer data from our website and our mobile app. The stolen data did not include travel or passport details,” British Airways said in a statement. “The airline has guaranteed that financial losses suffered by customers directly because of the theft of this data from British Airways will be reimbursed, and is recommending that customers contact their bank or card provider if they made a booking or change to their booking between 22:58 BST August 21 2018 and 21:45 BST September 5 2018.”

Breach now "resolved"

British Airways said the issue on its website has since been resolved and it is working as usual. The airline has also notified the police and the relevant authorities of the incident.

As a precaution, users have been advised to replace their banking account and British Airways account passwords with a unique and strong one.

The airline has requested users to call their bank or credit card provider and follow their instructions to reduce potential financial damage.

“We understand that this incident will cause concern and inconvenience. We have contacted all affected customers to say sorry, and we will continue to update them in the coming days. British Airways will not be contacting any customers asking for payment card details, any such requests should be reported to the police and relevant authorities,” said British Airways.

Cyware Publisher