British Airways issued a press release saying that the “personal and financial details” of customers that have used its website and mobile app to book travel have been stolen, but that this does not include travel details (itineraries) or passport information.
This all happened late Wednesday night London time,
From 22:58 BST August 21 2018 until 21:45 BST September 5 2018 inclusive, the personal and financial details of customers making bookings on ba.com and the airline’s app were compromised.
The breach has been resolved and our website is working normally.
They say they’re reaching out to customers they believe have been affected, but that anyone worried about it should “contact their banks or credit card providers” and do whatever those companies suggest. In other words they have no suggestions and aren’t funding options at this time.
The CEO of British Airways, Alex Cruz, says they’re “deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers’ data very seriously.” But not seriously enough to invest in better security or cover credit monitoring or other assistance for customers whose financial and personal information was revealed, although perhaps that will come.
Travel providers, financial institutions, and retailers are subject to hacks all the time. Personal data isn’t safe, and that should make us skeptical of centralized databases of personal information regardless of who collects it.
And there’s not much we can do about it, pay for LifeLock? LifeLock is the company whose CEO published his social security number to demonstrate the power of his system and dared hackers to steal his identity. Which they promptly did. Thirteen times.
It seems to me British Airways ought to compensate affected members with miles, at least.