Customers Who Have Booked on the British Airways Website Just Had Their Payment Details Stolen

British Airways issued a press release saying that the “personal and financial details” of customers that have used its website and mobile app to book travel have been stolen, but that this does not include travel details (itineraries) or passport information.

This all happened late Wednesday night London time,

From 22:58 BST August 21 2018 until 21:45 BST September 5 2018 inclusive, the personal and financial details of customers making bookings on ba.com and the airline’s app were compromised.

The breach has been resolved and our website is working normally.

They say they’re reaching out to customers they believe have been affected, but that anyone worried about it should “contact their banks or credit card providers” and do whatever those companies suggest. In other words they have no suggestions and aren’t funding options at this time.

The CEO of British Airways, Alex Cruz, says they’re “deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers’ data very seriously.” But not seriously enough to invest in better security or cover credit monitoring or other assistance for customers whose financial and personal information was revealed, although perhaps that will come.

Travel providers, financial institutions, and retailers are subject to hacks all the time. Personal data isn’t safe, and that should make us skeptical of centralized databases of personal information regardless of who collects it.

And there’s not much we can do about it, pay for LifeLock? LifeLock is the company whose CEO published his social security number to demonstrate the power of his system and dared hackers to steal his identity. Which they promptly did. Thirteen times.

It seems to me British Airways ought to compensate affected members with miles, at least.

About Gary Leff

Gary Leff is one of the foremost experts in the field of miles, points, and frequent business travel - a topic he has covered since 2002. Co-founder of frequent flyer community InsideFlyer.com, emcee of the Freddie Awards, and named one of the "World's Top Travel Experts" by Conde' Nast Traveler (2010-Present) Gary has been a guest on most major news media, profiled in several top print publications, and published broadly on the topic of consumer loyalty. More About Gary »

More articles by Gary Leff »

Pingbacks

Comments

  1. The good news is that the website and app errored out for 99% of prospective customers before they could input their personal information.

  2. Would pertinent financial information have been lost if AMEX Checkout (and others like it) was an option? I’ve noticed on other sites a different credit card number is used whenever I used the branded online payment system.

  3. Booked a BA ticket day prior to the 5th. Called my credit card to cancel it and get a new card. Called BA customer service about this fiasco, it was a India call center not able to, surprise, understand much of anything. So I will call BA’s corporate office in UK and mention ‘class action’. BA says it will contact affected people, but I’m not holding my breath. Compensation is something that I will demand from them, if only miles. Idiots.

  4. As I posted above, we had bought BA tickets on their website right at the end of the period in question.

    After reading about it here, I called Chase yesterday and the rep hadn’t even heard about it (maybe they should subscribe to the blog). We finally got an email last night from BA (obviously caught a little flat-footed) and they are obviously taking it seriously. It’s prominent on their website.

    https://www.britishairways.com/en-us/information/incident/data-theft/latest-information

    I called Chase back today to request them to cancel the card in question and issue us a new one. They did that without argument.

    It’s now getting a fair amount of media coverage.

    https://www.bbc.com/news/uk-england-london-45440850

    Thanks again, Gary, for your scoop on this.

  5. I was affected and don’t know what to do! Leaving for a trip this weekend and am frustrated that I have to worry about this! Thoughts or suggestions????

Leave a Reply

Your email address will not be published. Required fields are marked *