UPDATE ON BRITISH AIRWAYS CYBER ATTACK
Further to International Airlines Group's (IAG) announcement on September 6, 2018 regarding the theft of its subsidiary British Airways' customers' data, the airline has been working continuously with specialist cyber forensic investigators and the National Crime Agency to investigate fully the data theft. It is updating customers today with further information as it concludes the internal investigation.
The investigation has shown the hackers may have stolen additional personal data and British Airways is notifying the holders of 77,000 payment cards, not previously notified, that the name, billing address, email address, card payment information, including card number, expiry date and CVV have potentially been compromised, and a further 108,000 without CVV. The potentially impacted customers were only those making reward bookings between April 21 and July 28, 2018, and who used a payment card.
While British Airways does not have conclusive evidence that the data was removed from its systems, it is taking a prudent approach in notifying potentially affected customers, advising them to contact their bank or card provider as a precaution.
In addition, from the investigation British Airways knows that fewer of the customers originally identified were impacted. Of the 380,000 payment card details identified, 244,000 were affected.
Since the announcement on September 6, 2018 British Airways can confirm that it has had no verified cases of fraud.
October 25, 2018