British Airways says a further 185,000 payment cards possibly hit in cyber attack

FILE PHOTO - People queue with their luggage for the British Airways check-in desk at Gatwick Airport in southern England, Britain, May 28, 2017. REUTERS/Hannah McKay

(Reuters) – International Airlines Group said an investigation into the theft of customers’ data at its unit British Airways showed the hackers may have stolen personal information from an additional 185,000 payment cards.

BA said in September that around 380,000 card payments were compromised, with hackers obtaining names, street and email addresses, credit card numbers, expiry dates and security codes – sufficient information to steal from accounts.

On Thursday, British Airways revised that number down, saying that only 244,000 of those originally identified were affected, but said additional customers could have been affected.

On the whole, the total number of payment cards potentially affected stood at 429,000 as of Thursday.

The hackers obtained names, street and email addresses, credit card numbers, expiry dates and in some cases, security codes – sufficient information to steal from accounts.

(Reporting by Arathy S Nair in Bengaluru; Editing by Elaine Hardcastle)

British Airways apologizes after 380,000 customers hit in cyber attack

Commuters pass a British Airways advert on the tube at Canary Wharf station in London, Britain September 7, 2018. REUTERS/Kevin Coombs

By Paul Sandle

LONDON (Reuters) – British Airways was forced to apologize on Friday after the credit card details of hundreds of thousands of its customers were stolen over a two-week period in the most serious attack on its website and app.

The airline discovered on Wednesday that bookings made between Aug. 21 and Sept. 5 had been infiltrated in a “very sophisticated, malicious criminal” attack, BA Chairman and Chief Executive Alex Cruz said. It immediately contacted customers when the extent of the breach became clear.

Around 380,000 card payments were compromised, the airline said, with hackers obtaining names, street, and email addresses, credit card numbers, expiry dates and security codes – sufficient information to steal from accounts.

The attack came 15 months after the carrier suffered a massive computer system failure at London’s Heathrow airport, which stranded 75,000 customers over a holiday weekend.

Shares in BA’s parent, International Airlines Group, were down 2 percent in afternoon trading on Friday.

Cruz said the carrier was “deeply sorry” for the disruption caused by the attack which was unprecedented in the more than 20 years that BA had operated online.

He said the attackers had not broken the airline’s encryption but did not explain exactly how they had obtained the customer information.

“There were other methods, very sophisticated efforts, by criminals in obtaining the data,” he told BBC radio.

IT security company Avast said that based on the limited information available the attackers had probably targeted a gateway between the airline and a payment processor because no travel details had been stolen.

“Quite often, when it’s just a hack of a database somewhere it is hard to identify when something has been compromised,” Avast’s consumer security expert Pete Turner said.

“This feels much more like a transaction-type attack, where data is moving about within the system.”

COMPENSATION

The British government said authorities including the National Cyber Security Centre and the National Crime Agency were working to establish what had happened.

The country’s Information Commissioner’s Office said it had been alerted by BA and it was making inquiries. Under new GDPR data regulations, companies must inform regulators of a cyber attack within 72 hours.

BA advised customers to contact their bank or credit card provider and follow their recommended advice. It also took out ads in national newspapers on Friday.

Cruz said anyone who lost out financially would be compensated by the airline.

Data security expert Trevor Reschke said that like any website which sees large volumes of card transactions, BA was a ripe target for hackers.

“It is now a race between British Airways and the criminal underground,” said Reschke, head of threat intelligence at Trusted Knight.

“One will be figuring out which cards have been compromised and alerting victims, whilst the other will be trying to abuse them while they are still fresh.”

NatWest, one of Britain’s biggest card issuers, said it was receiving higher-than-usual call volumes because of the breach.

It said in a recorded message that its security systems would likely stop any fraud as a result of the hack but anyone affected should look out for unusual activity on their accounts.

IAG said the data breach had been resolved and the website was working normally, and that no travel or passport details were stolen.

After the computer system failure in May 2017, BA said it would take steps to ensure such an incident never happened again, but in July it was forced to cancel and delay flights out of the same airport due to problems with a supplier’s IT systems.

(Reporting by Paul Sandle and James Davey in London and Sangameswaran S and Rama Venkat Raman in Bengaluru; Editing by Keith Weir)

London City Airport shut after WW2 bomb found in Thames

Police officers stand by a cordon at the entrance to London City Airport, in London, Britain February 12, 2018

By Alistair Smout

LONDON (Reuters) – All flights to and from London’s City Airport were canceled on Monday after an unexploded World War Two bomb weighing half a tonne was found buried in silt in the River Thames.

Police said they expected the bomb at George V Dock in east London would be removed by early Tuesday, having set up a 200-metre exclusion zone after the ordnance was found during work at the airport on Sunday.

The Metropolitan Police said properties within the exclusion zone had been evacuated and a number of roads were cordoned off.

“The timing of removal is dependant on the tides, however, at this stage we estimate that the removal of the device from location will be completed by tomorrow morning,” police said in a statement, adding the shell was lying in a bed of dense silt.

London City Airport is the city’s fifth biggest and is popular with business travelers. It is London’s most central international airport and is close to major financial districts in the City of London and Canary Wharf.

The docklands area of London’s East End was a trading hub in the 1940s and was heavily bombed by German planes in World War Two. The airport was opened in 1987 as part of the broader regeneration of the area.

The airport told passengers not to travel there on Monday. Regional airline CityJet said its flights from the airport had been rescheduled to land and take off from London Southend airport, while Italy’s Alitalia [CAITLA.UL] said it would operate flights from London Stansted airport.

British Airways said it was trying to minimize disruption for passengers and said in a statement: “We are rebooking customers due to travel today onto alternative flights or offering refunds for those who no longer wish to travel.”

(Reporting by Alistair Smout in London and Abinaya Vijayaraghavan in Bengaluru; Editing by Janet Lawrence)