British Airways experiences data breach as IT security is compromised

Posted: 7 September 2018 | | No comments yet

Nearly 400,000 passengers’ data has been compromised however the stolen data did not include travel or passport details, but are there wider questions about IT and security in the industry to ask?


British Airways is investigating, as a matter of urgency, the theft of customer data from its website and the airline’s mobile app. The stolen data did not include travel or passport details.

From 22:58 BST August 21 2018 until 21:45 BST September 5 2018 inclusive, the personal and financial details of customers making bookings on their website and the airline’s app were compromised. 

The breach has been resolved and the website is now working normally.

The consumer group Which? have advised those affected to change their online passwords and to monitor their online banking. While BA themselves have suggested passengers “contact their bank and follow the recommended advice.”

British Airways is communicating with the affected customers and are advising any customers who believe they may have been affected by this incident to contact their banks or credit card providers and follow their recommended advice. 

In a statement they say they have notified the police and relevant authorities.

Alex Cruz, British Airways’ Chairman and Chief Executive said: “We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers’ data very seriously.”

Cruz added: “At the moment, our number one purpose is contacting those customers that made those transactions to make sure they contact their credit card bank providers so they can follow their instructions on how to manage that breach of data.”

In a statement BA have said that “Executive Club accounts were not affected” which raises further questions about the way in which personal data is stored. 

The disruption raises wider questions about the IT and security industry in aviation as a whole. International Airport Review’s webinar on the 15th October 2018 will focus on what airports should do to optimise cyber security in the entire airport and bring together perspectives from IT, security and building control to break down the barriers between airport departments to fully combat cyber terrorism. Register to participate in the webinar here

IT and security are such integral elements of an airport that breeches like this one from BA cannot be overlooked. At International Airport Review’s IT and Security event at Schiphol on the 4th and 5th December 2018, discussions will occur with the world’s major international airports concerning the latest security and IT challenges, innovations and opportunities. 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.