BA Data Theft
Back to Forum- This topic has 87 replies, 37 voices, and was last updated 5 Oct 2019
at 08:41 by Swissdiver.
-
- Author
- Posts
- Skip to last reply Create Topic
-
Gold-2KParticipantSurprised I haven’t been contacted directly by BA about this??
https://www.bbc.com/news/uk-england-london-45440850
Anything to be concerned about?
6 Sep 2018
at 19:27
goldaviatorParticipantFrom 21st Aug to 5th Sept this went on without BA finding out? 15 days of data theft of personal and FINANCIAL details of customers booking on ba.com? BA’s response is for customers to contact their bank for advice.
This beggars belief!
6 Sep 2018
at 20:07
ImissConcordeParticipantI went to ba.com to change my password
Sorry, there’s a problem with our systems. Please try again, and if it still doesn’t work, you might want to try again later
6 Sep 2018
at 21:00
Gold-2KParticipant[quote quote=887273]From 21st Aug to 5th Sept this went on without BA finding out? 15 days of data theft of personal and FINANCIAL details of customers booking on ba.com? BA’s response is for customers to contact their bank for advice.
This beggars belief![/quote]
That is the bit that concerned me also. Wasn’t sure if it meant there was one breach sometime between the two dates i.e. they are saying they don’t know, or it was open season for all hackers for sixteen days!
Also they say no ticket or passport info was impacted, but payment details? I guess thats not a concern for BA as long as they got paid OK.
Thats what happens when you have interns running your back office …… Idiots!
6 Sep 2018
at 21:37
goldaviatorParticipantBA has been quoted in the news saying “380000 transactions were affected”!
And their advice is ‘contact your bank’? At the very minimum they should have immediately set up a dedicated hotline phone number for people to call who have queries about this data breach. But that would have cost them money, so hey, contact your bank instead.
Well done BA for tackling this head on, only taking 15 days to realise your ‘secure’ systems had been breached, providing reassurance to your customers by telling them no passport or personal details had been compromised, just your credit card details. That’s reassuring.
6 Sep 2018
at 22:15
Gold-2KParticipantI have just received a generic email from BA.
Dear Customer,From 22:58 BST 21 August 2018 until 21:45 BST 5 September 2018 inclusive, the personal and financial details of customers making or changing bookings at ba.com, and on our app were compromised. The stolen data did not include travel or passport information.
The breach has been resolved and our website is working normally.
We’re deeply sorry, but you may have been affected. We recommend that you contact your bank or credit card provider and follow their recommended advice.
We take the protection of your personal information very seriously. Please accept our deepest apologies for the worry and inconvenience that this criminal activity has caused.
Further information can be found at ba.com.
Yours sincerely,
Alex Cruz
Chief Executive OfficerFrankly I don’t give a $&#t if someone has access to my avois account. However if someone has my Amex details and security code I may be slightly more concerned. So was expecting a bit more than “tough, contact your bank or credit card company as I’m too busy working my way through a bottle of vintage Rioja”.
Just for the record Signor Cruz, I spent close to £75k on premium tickets with BA in the last 12 months and was expecting a bit of the “to fly to serve” nonsense from you.
No personal contact.
No offer of assistance
No dedicated phone line
No help whatsoever!Give up!
7 Sep 2018
at 02:13
SwissdiverParticipantIt is appalling. Not the theft. These things happen nowadays. But the reaction is very weak in front of what seems to be a huge breach.
7 Sep 2018
at 05:19
SwissdiverParticipantIt’s a joke!
We take the security of your data very seriously. To help protect your data, we require you to confirm some additional details.
Then I couldn’t change my password. It is too late anyway I reckon. Still… Bloody Spanish management!
7 Sep 2018
at 05:43
esselleParticipantYes, but……
BA crap response etc to one side, they are right to advise you to contact your bank/CC company as only they will be able to tell you if your account has been accessed/hacked, and then what needs to be done to secure it.
BA wouldn’t be able to tell you that.
Now, the question is what would/should BA be responsible to you for if indeed you have suffered loss? The answer to that is probably not at all clear.
7 Sep 2018
at 07:42
capetonianmParticipantHopefully this will herald the demise of the peseta-pinching Basque who has introduced so many of the cuts and consequently damaged the reputation of a once proud airline.
2 users thanked author for this post.
7 Sep 2018
at 08:20
LuganoPirateParticipant[quote quote=887286]Thats what happens when you have interns running your back office …… Idiots![/quote]
I wonder if it was an inside job from one of them?
[quote quote=887334]Yes, but……
BA crap response etc to one side, they are right to advise you to contact your bank/CC company as only they will be able to tell you if your account has been accessed/hacked, and then what needs to be done to secure it.[/quote]
Esselle does have a point and though I have no love for BA, I was thinking the same. While worrying, I believe the CVV numbers are not stored and still have to be entered manually each time you book and many cards now insist on a verification either “verified by Visa” or the MC one, or by authentication via mobile phone. This should hopefully limit any damage. Still a poor response from them though.
[quote quote=887340]Hopefully this will herald the demise of the peseta-pinching Basque who has introduced so many of the cuts and consequently damaged the reputation of a once proud airline.[/quote]
It won’t be ;-(
7 Sep 2018
at 08:37
goldaviatorParticipantLuganoPirate and Esselle, you are both correct, the card company is going to be the one that will have to sort this out. Any fraudulent transactions should be cover by your cc etc. That said, from a customer service point of view, when faced with the uncertainty of whether my transactions with BA over the last couple of weeks has compromised my cc security, they could have done more…..but then BA doesn’t really do customer service very well any more.
7 Sep 2018
at 08:51
capetonianmParticipantAs a further point, I wonder how many people realise that anyone who can access an airline PNR has access to some or all of the following information. This is one of the reasons not to allow ‘duty free’ shop staff to scan a boarding card. It contains the PNR locator. Someone dishonest working in cahoots with someone working for an airline could then access :
Full names
Billing and Home Addresses
Passport number, place and date of issue and expiry.
Telephone numbers
Email Address
Credit Card details which in some cases may include CVV (shouldn’t be so but can be)
Full details of itinerary, eticket details,
Possible access to passenger profile giving travel patterns etc.
FF numbers
Other miscellaneous information, OSIs, SSRs.3 users thanked author for this post.
7 Sep 2018
at 09:04
CathayLoyalist2ParticipantJust watched Alex Cruz on BBC Breakfast. This was one of the BBC´s poorest interviews of a senior executive I have seen in a long time. Skipped over this being the many in a long list of IT failures and the BBC focused on confidence in BA. He ignored a half-hearted question about should he consider his position as it was asked in an almost apologetic manner. Cruz then launched into ” we have a formidable team delivering new products , destinations and we stay close to our customers”. He didn´t look at all confident almost willing himself to get through the interview unscathed. I guess he had to stay strictly with a script probably written by WW. He did confirm that anyone affected financially would be compensated. Only after the interview finished did the presenter refer to this being the latest in a series of IT failures but also noted that BA, notably Cruz were quick to be visible this time, whereas in the past Cruz went AWOL. Fortunately Cruz was not wearing a high viz jacket!! How long can Cruz hang on given the TSB CEO was removed over an IT failure?.
7 Sep 2018
at 09:11 -
AuthorPosts