British Airways user data was hacked back in August, here’s what you need to do

Update: So it seems the cause of this data breach has finally been identified. According to a security firm, credit card skimming malware was installed on the company’s website three months ago. Any payments made through British Airways’ website or mobile app were stolen over a three-week period.

Yonathan Klijnsma, a threat researcher at RiskIQ believes the same people responsible for Ticketmaster’s recent breach are the culprits behind this data breach.

British Airways (BA) has told the BBC that the company is dealing with a “sophisticated, malicious criminal attack” against its website and app. In total, 380,000 transactions involving personal and financial details from customers were affected.

According to British Airways CEO Alex Cruz, the hack affected transactions initiated between 22:58 BST on Aug. 21 and 21:45 BST on Sept. 5. Customer names, email addresses, and credit card information were hacked from these transactions. If you did not purchase tickets during that timeframe, you should be safe. The company also stated that passports and travel details were not a part of the breach.

He explains:

We’re extremely sorry. I know that it is causing concern to some of our customers, particularly those customers that made transactions over BA.com and app.

We discovered that something had happened but we didn’t know what it was [on Wednesday evening]. So overnight, teams were trying to figure out the extent of the attack.

To deal with irate customers, BA has established a webpage where users can go to find out the latest information in this situation.  On this site, three important questions are answered:

Take Control of Your Health with Fitbit Charge 6! Save up to $60 - Limited Time Offer

Get accurate insights into your heart rate, calories burned, sleep patterns, and more. Achieve your fitness goals while prioritizing your overall well-being.

Check Availability

What do I need to do?

If you’ve been affected, you should change your online passwords. Then monitor your bank and credit card accounts keeping an eye out for any dodgy transactions. Also be very wary of any emails or calls asking for more information to help deal with the data breach: crooks often pose as police, banks or, in this instance they could pretend to be from BA.

Will my booking be affected?

BA says none of the bookings have been hit by the breach. It said it has contacted all those affected to alert them to the problem with their data, but booked flights should go ahead.

Will there be compensation for me?

If you suffer any financial loss or hardship, the airline has promised to compensate you.

This isn’t the first data breach affecting companies in recent months. Among those have been Under Armor, P.F. Chang’s, GrayShift, and many more.

Editors note: This post was recently updated on 9/11 to address the cause of the data breach. 

How do you feel about the seemingly increasing numbers of data breaches occurring? Were you affected by the British Airways breach? Does it make you wary to input personal information on the web? Let us know below.

In related tech news:

• 9 data breach lawsuits that made headlines
• The TeenSafe app data breach is irony at its finest
• T-Mobile customers could have had personal information hacked in a recent breach

Bryan M. Wolfe

Bryan considers himself a well-rounded techie, having written articles for MakeUseOf, KnowTechie, AppAdvice, iDownload Blog. When he's not writing, he's being a single dad and rooting for his alma mater, Penn State, or cheering on the Patriots.