British Airways Customers Are Advised to Change Passwords in the Face of Data Breach

Data breaches are on the rise and affect thousands of customers. A study conducted by Radware proved once again that the problem is serious: 45% of companies surveyed experienced a data breach in the last year. At least 16 of them were retailers that had flaws in payment systems (both online and in stores). No doubt, other businesses were affected as well. Evidence shows that cyber criminals are not going to stop doing their dirty job anytime soon. Data breaches continue to shake up companies in 2018. Some of the companies that have experienced the biggest data breaches so far are these: Facebook, Ticketfly, MyHeritage, Sacramento Bee, and PumpUp. Since the year is not over yet, some other companies might be added to this list, but let's hope that everything will go smoothly and we will not hear about new massive customer data thefts in the near future.

Airline companies are no exception – they experience data breaches as well. If you are a frequent traveler and prefer flying to other methods of transportation, you must have heard about the recent data breach targeted at Air Canada's mobile app users. Unfortunately, the list of affected airlines does not end there. British Airways has also recently confirmed that it experienced a data breach that could have affected about 380,000 transactions in total. The attack was described by Alex Cruz, the chief executive and chairman of British Airways, as "sophisticated, malicious criminal attack." Sadly, the data breach against British Airways resulted in the airline company's customers' data stolen. Luckily, no passport details were plundered, so customers should not experience identity theft, specialists say. Are you one of the affected clients? If it is exactly so, you must take action immediately. Also, do not forget to accept the compensation offered by the airline company if you have noticed unauthorized transactions in your bank account statement.

How do I know if I was affected by the attack?

British Airways revealed that the data breach took place between 21 August, 2018 and 5 September, 2018. The company did not understand what happened at first, but thanks to experienced researchers, it turned out overnight that the attack they had experienced is nothing else than a data breach. Specifically speaking, the airline company's customers' data was stolen, and they were informed about that shortly after the attack. If you have not received a call or an email from British Airways yet, you can consider yourself lucky – your private data is safe. British Airways' representatives confirmed that only one group of customers was affected – those who made transactions during the indicated time frame (21st of August – 5th of September) over the official website ( or the mobile app. We keep our fingers crossed that you are not one of them.

What data was stolen from British Airways' customers?

It is no longer a secret that the latest data breach against British Airways resulted in the airline company's customers' data stolen, but what personal details exactly fell into cyber criminals' lap? It seems that the stolen information is associated with customers' credit cards linked to their British Airways accounts mainly. Additionally, some personal information was extracted from users' accounts. The compromised data includes name, email address, credit card number, and the three-digit code called CVV (it can be found written on the back of the card). British Airways denied that it was keeping customers' CVV numbers on its servers, so researchers suspect that credit card details were intercepted during the transaction rather than taken from the British Airways' database. If you are one of the affected customers, you cannot pretend that nothing happened because you might soon experience privacy-related problems. No doubt this is not something you will enjoy.

What can cyber criminals do with the stolen data?

Usually, the stolen personal information is used for fraudulent purposes and, on top of that, it might be sold to other cyber criminals on underground forums. Also, having the person's credit card information in their hands, hackers may be able to access the bank account and make purchases/reservations illegally. For example, you might one day find out that a luxurious hotel in Maldives has been booked under your name. Last but not least, hackers might open new accounts without your knowledge and permission. If you suspect that you could have been affected by the British Airways' latest data breach, you must contact your credit card issuer and take recommended actions immediately. It is the time to improve the account's password security as well. If you have experienced financial loss, do not hesitate to contact British Airways – it is well aware of the fact that the airline company's customers' data was stolen, so it offers victims compensation "for any financial hardship that they may have suffered."

The recent data breach is not the only problem British Airways has experienced in recent times. Dozens of flights departing and landing from/to Heathrow Airport were canceled due to an IT issue in July. Also, more than 2000 tickets were canceled because it turned out that they were sold for an extremely low price. Last but not least, a serious British Airways' IT systems problem changed thousands of passengers' plans back in May, 2017. The situation was described as "chaotic" at that time since all flights out of Heathrow and Gatwick were canceled. Let's hope such situations will not repeat themselves.

How can I protect my private data? Improve your password security!

Data breaches are the enormous danger to both companies and customers. While you cannot do anything to help the service provider to protect its databases and servers, you can prevent hacks by simply improving your password security. The more complex digital key you set, the lower are the chances of discovering an account hacked. Accounts containing personal information must be updated first. We can go on and on about the password security, but we think it will be enough to provide several tips on how to strengthen the account's security this time. First, improve your password security. In other words, set a password that consists of no less than 14 different characters, including numbers, symbols, and special characters. Second, you should make sure you update your password regularly. Third, you may prevent a hack by simply keeping your password in a safe place. A separate file on your PC or a sheet of paper is not what we have in mind here. Using a trusted password manager is a present-day way to handle passwords. Give it a try if you consider yourself a privacy-minded person.

You could only be 100% sure that it is impossible to hack your accounts if you use no online services, but we are sure this is not what you want, so we encourage you to take the risk and continue using services of your choice. As they say, "nothing ventured, nothing gained"! Of course, being cautious must be your top priority. Your password security is what you should take care of in the first place. A strong password is a shield that it will protect you against hackers, we can promise you that, so treat it like gold.

September 19, 2018