British Airways travellers’ credit-card details hacked
LONDON — Hackers obtained the credit-card details of 380,000 British Airways travellers during a two-week data breach this summer that leaves the customers vulnerable to financial fraud, the airline says.
British Airways chief executive Alex Cruz said Friday that enough data was stolen to allow criminals to use credit-card information for illicit purposes, and that police are investigating. Stolen information includes the travellers’ names, addresses, email addresses, credit-card numbers, expiration dates and security codes, he told the BBC.
He added that no passport data had been obtained in what he called a “very sophisticated, malicious criminal attack,” but that British Airways is “100 per cent committed” to compensating customers.
The airline serves four Canadian cities — Montreal, Toronto, Calgary and Vancouver — but a spokeswoman told the Canadian Press that the airline isn’t breaking down the breach by country.
British Airways assured customers it would reimburse them for losses directly because of the breach, but advised them to contact their credit-card suppliers if they made a booking or change to their booking through the airline’s website or mobile app between Aug. 21 and Sept. 5.
The Royal Bank of Canada said it has not seen any impact on its credit-card customers.
“Nevertheless, we encourage clients to immediately contact us should they notice any unusual or unauthorized activity on their accounts and credit cards,” spokesman Jeff Lanthier wrote in an email.
That time period overlapped a two-day period when Air Canada detected unusual login activity on its mobile app between Aug. 22 and Aug. 24. The airline said last week that about 20,000 customers may have had personal information compromised before all 1.7 million accounts were locked down.
Air Canada has said creditcard data was encrypted and protected from a breach but Aeroplan numbers, passport numbers, birth dates, nationalities and countries of residence could have been accessed if users saved them in their account profile.
Consumer advice website MoneySavingExpert says customers should monitor bank and credit-card statements closely for signs of possible fraudulent activity.
It also warns of possible “phishing scams” in which hackers would try to trick affected consumers into revealing personal information like PINs or banking passwords.