BA Data Theft

Back to Forum

This topic contains 65 replies, has 30 voices, and was last updated by  SimonS1 13 Sep 2018
at 19:43
.

Viewing 15 posts - 1 through 15 (of 66 total)

  • Gold-2K
    Participant

    Surprised I haven’t been contacted directly by BA about this??

    https://www.bbc.com/news/uk-england-london-45440850

    Anything to be concerned about?


    openfly
    Participant

    I’m surprised that it has not happened sooner.


    goldaviator
    Participant

    From 21st Aug to 5th Sept this went on without BA finding out? 15 days of data theft of personal and FINANCIAL details of customers booking on ba.com? BA’s response is for customers to contact their bank for advice.

    This beggars belief!


    ImissConcorde
    Participant

    I went to ba.com to change my password

    Sorry, there’s a problem with our systems. Please try again, and if it still doesn’t work, you might want to try again later


    Gold-2K
    Participant

    From 21st Aug to 5th Sept this went on without BA finding out? 15 days of data theft of personal and FINANCIAL details of customers booking on ba.com? BA’s response is for customers to contact their bank for advice.

    This beggars belief!

    That is the bit that concerned me also. Wasn’t sure if it meant there was one breach sometime between the two dates i.e. they are saying they don’t know, or it was open season for all hackers for sixteen days!

    Also they say no ticket or passport info was impacted, but payment details? I guess thats not a concern for BA as long as they got paid OK.

    Thats what happens when you have interns running your back office …… Idiots!


    goldaviator
    Participant

    BA has been quoted in the news saying “380000 transactions were affected”!

    And their advice is ‘contact your bank’? At the very minimum they should have immediately set up a dedicated hotline phone number for people to call who have queries about this data breach. But that would have cost them money, so hey, contact your bank instead.

    Well done BA for tackling this head on, only taking 15 days to realise your ‘secure’ systems had been breached, providing reassurance to your customers by telling them no passport or personal details had been compromised, just your credit card details. That’s reassuring.


    Gold-2K
    Participant

    I have just received a generic email from BA.


    Dear Customer,

    From 22:58 BST 21 August 2018 until 21:45 BST 5 September 2018 inclusive, the personal and financial details of customers making or changing bookings at ba.com, and on our app were compromised. The stolen data did not include travel or passport information.

    The breach has been resolved and our website is working normally.

    We’re deeply sorry, but you may have been affected. We recommend that you contact your bank or credit card provider and follow their recommended advice.

    We take the protection of your personal information very seriously. Please accept our deepest apologies for the worry and inconvenience that this criminal activity has caused.

    Further information can be found at ba.com.

    Yours sincerely,

    Alex Cruz
    Chief Executive Officer

    Frankly I don’t give a $&#t if someone has access to my avois account. However if someone has my Amex details and security code I may be slightly more concerned. So was expecting a bit more than “tough, contact your bank or credit card company as I’m too busy working my way through a bottle of vintage Rioja”.

    Just for the record Signor Cruz, I spent close to £75k on premium tickets with BA in the last 12 months and was expecting a bit of the “to fly to serve” nonsense from you.

    No personal contact.
    No offer of assistance
    No dedicated phone line
    No help whatsoever!

    Give up!


    Swissdiver
    Participant

    It is appalling. Not the theft. These things happen nowadays. But the reaction is very weak in front of what seems to be a huge breach.


    Swissdiver
    Participant

    It’s a joke!

    We take the security of your data very seriously. To help protect your data, we require you to confirm some additional details.

    Then I couldn’t change my password. It is too late anyway I reckon. Still… Bloody Spanish management!


    esselle
    Participant

    Yes, but……

    BA crap response etc to one side, they are right to advise you to contact your bank/CC company as only they will be able to tell you if your account has been accessed/hacked, and then what needs to be done to secure it.

    BA wouldn’t be able to tell you that.

    Now, the question is what would/should BA be responsible to you for if indeed you have suffered loss? The answer to that is probably not at all clear.


    capetonianm
    Participant

    Hopefully this will herald the demise of the peseta-pinching Basque who has introduced so many of the cuts and consequently damaged the reputation of a once proud airline.

    2 users thanked author for this post.

    LuganoPirate
    Participant

    Thats what happens when you have interns running your back office …… Idiots!

    I wonder if it was an inside job from one of them?

    Yes, but……

    BA crap response etc to one side, they are right to advise you to contact your bank/CC company as only they will be able to tell you if your account has been accessed/hacked, and then what needs to be done to secure it.

    Esselle does have a point and though I have no love for BA, I was thinking the same. While worrying, I believe the CVV numbers are not stored and still have to be entered manually each time you book and many cards now insist on a verification either “verified by Visa” or the MC one, or by authentication via mobile phone. This should hopefully limit any damage. Still a poor response from them though.

    Hopefully this will herald the demise of the peseta-pinching Basque who has introduced so many of the cuts and consequently damaged the reputation of a once proud airline.

    It won’t be ;-(


    goldaviator
    Participant

    LuganoPirate and Esselle, you are both correct, the card company is going to be the one that will have to sort this out. Any fraudulent transactions should be cover by your cc etc. That said, from a customer service point of view, when faced with the uncertainty of whether my transactions with BA over the last couple of weeks has compromised my cc security, they could have done more…..but then BA doesn’t really do customer service very well any more.


    capetonianm
    Participant

    As a further point, I wonder how many people realise that anyone who can access an airline PNR has access to some or all of the following information. This is one of the reasons not to allow ‘duty free’ shop staff to scan a boarding card. It contains the PNR locator. Someone dishonest working in cahoots with someone working for an airline could then access :

    Full names
    Billing and Home Addresses
    Passport number, place and date of issue and expiry.
    Telephone numbers
    Email Address
    Credit Card details which in some cases may include CVV (shouldn’t be so but can be)
    Full details of itinerary, eticket details,
    Possible access to passenger profile giving travel patterns etc.
    FF numbers
    Other miscellaneous information, OSIs, SSRs.

    3 users thanked author for this post.

    CathayLoyalist2
    Participant

    Just watched Alex Cruz on BBC Breakfast. This was one of the BBC´s poorest interviews of a senior executive I have seen in a long time. Skipped over this being the many in a long list of IT failures and the BBC focused on confidence in BA. He ignored a half-hearted question about should he consider his position as it was asked in an almost apologetic manner. Cruz then launched into ” we have a formidable team delivering new products , destinations and we stay close to our customers”. He didn´t look at all confident almost willing himself to get through the interview unscathed. I guess he had to stay strictly with a script probably written by WW. He did confirm that anyone affected financially would be compensated. Only after the interview finished did the presenter refer to this being the latest in a series of IT failures but also noted that BA, notably Cruz were quick to be visible this time, whereas in the past Cruz went AWOL. Fortunately Cruz was not wearing a high viz jacket!! How long can Cruz hang on given the TSB CEO was removed over an IT failure?.

Viewing 15 posts - 1 through 15 (of 66 total)
You must be logged in to reply to this topic.
Be up-to-date
Magazine Subscription
To see our latest subscription offers for Business Traveller editions worldwide, click on the Subscribe & Save link below
Polls