British Airways (BA) has launched a probe to look into customer data theft from its website and mobile app.
According to the airline, personal and financial data belonging to at least 380,000 customers who used the online booking systems has been “compromised”. However, the stolen data does not include travel or passport details.
BA said the hacking took place between 10:58pm on 21 August and 09:45am on 5 September. Bookings that do not fall within this timeframe or those made through travel agents were not affected.
The airline got wind of the breach after “a third party noticed some unusual activity and informed us about it”.
In a statement the airline said, “The breach has been resolved and our website is working normally.”
“We have notified the police and relevant authorities. We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers' data very seriously.” The BBC reported.
BA apologized for the breach and said they had called all affected customers by Thursday night. They further advised that those affected should contact their bank or credit card providers for more advice.
Alex Cruz, British Airways' chairman and chief executive, said: “We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers' data very seriously.”
Some BA customers took to social media to express their frustration. Gemma Theobald tweeted: “My bank... are experiencing extremely high call volumes due to this breach! Couldn't do anything other than cancel my card... not how I wanted to spend my Thursday evening.”
The National Crime Agency and National Cyber Security Centre said they are investigating the matter.
By Airport Pickups London