Save, make, understand money

Household Bills

British Airways data breach: customers should act now

Paloma Kubiak
Written By:
Paloma Kubiak

British Airways has revealed customer data was accessed from its website and mobile app at the height of the summer holidays.

The airline confirmed the breach occurred between 10:58pm on 21 August until 9:45pm on 5 September 2018. It resulted in around 380,000 card payments being compromised.

Those affected included customers making or amending bookings via its website or mobile app during this time.

Personal and financial details were hacked, but this data didn’t include travel, passport or Executive Club accounts so Avios and Tier points are safe.

BA said the breach has now been resolved and its website is working normally. Customers due to fly today onwards can also check-in online as usual.

But customers should still act to ensure their details are safe. BA said it will be contacting affected customers directly to let them know what has happened and it advises customers to contact banks or credit card providers as a precaution.

The airline added that it will pay for a 12-month credit checking subscription so customers can monitor any suspicious activity. It also said every customer affected will be “fully reimbursed”.

As a precaution, customers are also urged to change their passwords which can be done as follows: click the forgotten pin/password link on the top right-hand corner of the ba.com homepage.

Alex Cruz, British Airways’ chairman and chief executive, said “We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers’ data very seriously.”

Alex Neill, Which? managing director of home products and services, said: “British Airways customers will be concerned to hear about this data breach. It is now vital that the company moves quickly to ensure those affected get clear information about what has happened and what steps they should take to protect themselves.

“Anyone concerned they could be at risk of fraud should consider changing their online passwords, monitor bank and other online accounts and be wary of emails regarding the breach as scammers may try and take advantage of it.”