BA only discovered the breach while investigating a breach of its website that took place in September 2018, which affected 380,000 transactions. The victims were caught out by a website compromise that had gone undetected for months.
However, both attacks seemed to have been carried out by the same group or gang, and BA owner IAG announced it would contact the customers to let them know that their information had gone astray.
IAG said two separate groups of customers were affected by the hack attack: 77,000 people had their name, address, email address and detailed payment information taken, while 108,000 people lost personal details apart from the CVV number for their payment cards
So far, few other details have been revealed about this attack, the online publication continues. BA and IAG could face huge fines because the breach took place after stringent European privacy and data rules such as the General Data Protection Regulation came into force.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. If you see a comment that you believe is inappropriate to the discussion, you can bring it to our attention by using the report abuse links. As the comments are written and submitted by visitors of the The Paypers website, they in no way represent the opinion of The Paypers.