British Airways Data Breach Takes Off Again with 185K More Victims

British Airways Data Breach Takes Off Again with 185K More Victims

British Airways Data Breach Takes Off Again with 185K More Victims

Data breaches / Thu, 08/22/2024 - 09:15

The news comes on the heels of a breach at Cathay Pacific exposing 9.4 million people.

British Airways said that the data breach it first reported in September is larger than previously thought. It has added an additional 185,000 victims to the official tally.

The airline said that hackers may have stolen personal data connected to an additional 77,000 payment cards, including name, billing address, email address and card payment information – including card number, expiry date and CVV. And, it uncovered a further 108,000 cards that were exposed without CVV.

In the plus column, of the 380,000 payment cards originally thought to be compromised, only 244,000 of those were actually affected, upon investigation. The net total for the entire breach now stands at 429,000.

The impacted customers were those using their air miles to book flights on the website between April 21 and July 28 of this year, and who used a payment card.

“While we do not have conclusive evidence that the data was removed from British Airways’ systems, we are taking a prudent approach in notifying potentially affected customers, advising them to contact their bank or card provider as a precaution,” the airline said in a website notice. “Crucially, we do not have any verified cases of fraud.”

The breach is believed to have been carried out by the Magecart group, which specializes in e-commerce attacks. According to RiskIQ researchers last month, there were suspicious scripts on the baggage claim information page of the British Airways’ website – which then collected data from visitors and sent it back to the threat actors’ server ... Click Here

About

Kenya Education Network CERT(KENET-CERT) is a Cybersecurity Emergency Response Team and Co-ordination Center operated by the National Research and Education Network of Kenya. KENET-CERT coordination center promotes awareness on cybersecurity incidences as well as coordinates and assists member institutions in responding effectively to cyber security threats and incidences. KENET-CERT works closely with Kenya's National CIRT coordination center (CIRT/CC) as a sector CIRT for the academic institutions. KENET promotes use of ICT in Teaching, Learning and Research in Higher Education Institutions in Kenya. KENET aims to interconnect all the Universities, Tertiary and Research Institutions in Kenya by setting up a cost effective and sustainable private network with high speed access to the global Internet. KENET also facilitates electronic communication among students and faculties in member institutions, share learning and teaching resources by collaboration in Research and Development of Educational content.