British Airways Apologizes after 380,000 Customers hit in Cyber Attack

  • BA says contacted customers as soon as possible

  • Details of 380,000 card payments compromised

  • BA says attack was ‘very sophisticated’.

     

London (Reuters): British Airways was forced to apologise on Friday after the credit card details of hundreds of thousands of its customers were stolen over a two-week period in the worst ever attack on its website and app.

The airline discovered on Wednesday that bookings made between 21 August and 5 September had been infiltrated in a “very sophisticated, malicious criminal” attack, BA Chairman and Chief Executive Alex Cruz said. It immediately contacted customers when the extent of the breach became clear.

Around 380,000 card payments were compromised, the airline said, with hackers obtaining names, street and email addresses, credit card numbers, expiry dates and security codes – sufficient information to steal from accounts.

The attack came 15 months after the carrier suffered a massive computer system failure at London’s Heathrow airport, which stranded 75,000 customers over a holiday weekend.

Cruz said the carrier was “deeply sorry” for the disruption caused by the sophisticated crime, which was unprecedented in the more than 20 years that BA had operated online.

He said the attackers had not broken the airline’s encryption but did not explain exactly how they had obtained the customer information.

“There were other methods, very sophisticated efforts, by criminals in obtaining the data,” he told BBC radio. “It was having access to our systems in an illicit way, it was very sophisticated.”

 

British Airways informed customers affected by the attack on Thursday, Cruz said. It advised them to contact their bank or credit card provider and follow their recommended advice. It also took out ads in national newspapers on Friday.

Cruz said anyone who lost out financially would be compensated by the airline.

“The moment we found out that actual customer data had been compromised that’s when we began an all-out immediate communication to our customers, that was the priority,” he said.

Data security expert Trevor Reschke said that like any website which sees large volumes of card transactions, British Airways was a ripe target for hackers.

“It is now a race between British Airways and the criminal underground,” said Reschke, head of threat intelligence at Trusted Knight. “One will be figuring out which cards have been compromised and alerting victims, whilst the other will be trying to abuse them while they are still fresh.”

IAG said the data breach had been resolved and the website was working normally, and that no travel or passport details were stolen.

The airline had launched an investigation and notified police and other relevant authorities.

Play Video

Germany Concerned about possible ‘SLEEPER’ Cyber Sabotage

President of Germany's Federal Office for the Protection of the Constitution Hans-Georg Maassen attends a news conference in
Berlin, Germany – REUTERS

Berlin (Reuters): A growing number of countries can hack into private computer networks and install malicious software to sabotage another country’s infrastructure, Germany’s domestic spy chief said last week.

China, Russia and other countries continued to try to break into German companies’ computers to steal industrial information, Hans-Georg Maassen, head of the BfV domestic intelligence agency, told a security conference.

But intelligence officials are increasingly worried about so-called “cyber bombs” that could be planted in the network of an unsuspecting company and detonated later.

“In the case of China, Russia, we clearly see measures like espionage, but it could also be sabotage with the goal of attacking companies in Germany – infrastructure firms in the widest sense – at some future point,” Maassen said. “That is a scenario that we view with concern.”

Cyber experts warn that Germany – with its high level of technology expertise – is a particularly attractive target for cyber attackers of all kinds, including state actors.

A company could be oblivious to a cyber-attack that had been used to plant malware, Maassen said. Such a “cyber bomb” could then shut down power networks, for example, perhaps during a time of geopolitical tension.

He said such attacks could come from a range of countries. In its annual report, the agency cited rapid strides in Iran’s cyber capabilities, although it did not specifically spell out concerns about such sleeper attacks.

 

Germany is worried that China is also trying to gain dominant positions in technology sectors by taking stakes in the German firms, Maassen said.

“That is a political project on which the government is spending a lot of money, not just to invest, but to buy information for its own technical progress, or to gain a position in specific areas that will make it impossible for others to continue developments there,” he said.

Torsten Becker, managing director of BOGEN Electronic, a German robotics supplier that also sells to China, said his firm had rebuffed repeated takeover attempts by Chinese firms, and had also seen its products duplicated in the Chinese market.

BOGEN had stopped hiring Chinese engineers or interns, and was taking increased measures to protect its know-how, but Becker said Chinese rivals benefited from government support that gave them advantages in the global market.

Burkhard Even, who heads the BfV’s counterespionage unit, told the conference the amount of know-how ceded to Chinese through takeovers in the past two years already exceeded the damage from espionage.

He said there was “a very clear connection” between cyber-attacks and takeover bids, with many companies often targeted in cyber-attacks before any M&A activity.

Germany and other European Union states are overhauling their investment rules to protect sensitive technologies from Chinese takeovers. In December, the BfV also warned about efforts by China to use fake LinkedIn accounts to recruit German business executives and researchers as spies.

Source: DailyFT