British Airways Customer Data Breach

British Airways has advised that customers who booked flights on its website between 21 August 2018 and 5 September 2018 have had their data compromised.

London Air Travel » British Airways » British Airways Website & Mobile Apps

British Airways Logo (Image Credit: British Airways)
British Airways Logo (Image Credit: British Airways)

British Airways has announced that its website ba.com and mobile app has been subject to a data breach.

The airline issued a statement in the early evening of Thursday 6 September 2018 that customers who booked flights over a period of nearly two weeks between 22:58 BST on Tuesday 21 August 2018 and 21:45 BST Wednesday 5 September 2018 have had their personal and financial details compromised.

BA has stated that it is contacting affected customers who are advised to contact their banks and credit card companies for appropriate advice. The full statement is as follows:

British Airways is investigating, as a matter of urgency, the theft of customer data from its website, ba.com and the airline’s mobile app. The stolen data did not include travel or passport details.

From 22:58 BST August 21 2018 until 21:45 BST September 5 2018 inclusive, the personal and financial details of customers making bookings on ba.com and the airline’s app were compromised.

The breach has been resolved and our website is working normally.
 
British Airways is communicating with affected customers and we advise any customers who believe they may have been affected by this incident to contact their banks or credit card providers and follow their recommended advice. 

We have notified the police and relevant authorities.

Alex Cruz, British Airways’ Chairman and Chief Executive said “We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers’ data very seriously.”
 
British Airways will provide further updates when appropriate.

BA has also published guidance for affected customers on its website ba.com

It is noteworthy that BA’s parent company International Airlines Group has issued the above statement to the stock exchange so this is clearly a significant and share price sensitive event.

BA is required by law to notify the Information Commissioner’s Office with 72 hours of becoming aware of the breach. The ICO has the power to levy very substantial fines in the event of a failure to properly report a breach.

Update Friday 7 September 2018

BA has updated its published guidance on the morning of Friday 7 September to advise that the breach also affects any passengers who made changes to existing bookings during the period of the breach.

The scope of changes (eg free or paid for seat assignments etc) is not defined but this means the breach could affect very many more passengers.

BA has also confirmed that it will fully reimburse passengers for any financial losses as a direct consequence of the security breach. It will also not ask customers to review/update payment card details and any unsolicited requests for this information should not be fulfilled.

The Information Commissioner’s Office has issued a short statement confirming contact with BA:

“British Airways has made us aware of an incident and we are making enquiries.”

National Cyber Security Centre Response

The UK Government’s National Cyber Security Centre, part of GCHQ, has published guidance for affected customers.

American Express Response

American Express, which issues a number of BA branded credit cards has provided the following response to customers by e-mail:

Dear Cardmember,

I’m writing to you about the reported British Airways data breach involving personal and financial details of customers being compromised through their web and mobile app.

We want to assure you we have industry-leading fraud protection technology that is continually monitoring for any suspicious activity in order to safeguard you. Also, our Cardmembers are never liable for any fraudulent charges on their Accounts. If you have used your American Express Card to book with British Airways, we are monitoring your Account for you.

There is no action you need to take – we will contact you immediately if there’s any unusual activity with your Account. In the meantime you can continue to use your Card as normal.

If we see any unusual activity which could be fraud, we will contact you immediately. For added protection, you can also sign up for free fraud and other Account activity notifications via email, SMS text messaging, or alerts through our app.

Thank you for your continued Cardmembership.

BA upgrades its smartphone apps to include automatic rebooking during disruption

London Air Travel » British Airways » British Airways Website & Mobile Apps

British Airways iPad App
British Airways iPad App

One of the many perennial criticisms of British Airways is its handling of disruption at its hub at London Heathrow.  The airport is full, so when there is severe weather, the airline is forced to cancel flights, with short-haul flights always bearing the brunt.  What usually follows is long queues at ticketing desks to be rebooked.

BA announced at the annual Capital Markets Day of its parent company International Airlines Group last year that it was working on automatic rebooking tools during disruption.

BA has today released an update for its smartphone app which includes the option to rebook on to alternative flights during disruption. However, this will initially only be for selected customers. We presume this is for testing purposes.

In addition, most if not all customers should now have a “timeline” feature for each booking on the app which provides a countdown for future bookings and services that are available in connection with that booking.

If you haven’t already done so, we do recommend that all travelers (whether a frequent or once a year BA flyer) download the BA smartphone app. It is the easiest way to keep track of flights both before the day of travel and at the airport. From experience we find it is often ahead of other sources for learning of delays.

It is also an easy way to keep on track of fixed price upgrade offers for existing bookings and being able to book flights without tripping over adverts for hotels and car hire as you do on ba.com!

We also recommend that for security reasons software updates for apps are downloaded as soon as they become available.

BA website ba.com suffers major outage – Tuesday 11 April 2017

British Airways’ website ba.com experienced a major outage on Tuesday 11 April 2017.

London Air Travel » British Airways » British Airways Website & Mobile Apps

ba.com Error Message – Tuesday 11 April 2017

If you have tried to visit the BA website ba.com at any point today, you will have no doubt received the error message above.

The BA website has been down all day today.  No reason has been given for this, other than “technical issues”.  Whatever the issue is it must be very substantial.  As BA.com is BA’s main selling channel, you can be confident there is a lot of pressure to get the website back up and running.

It is also not possible to check bookings via the BA smartphone app.  However, live flight information appears to be available on the app.

In light of the fact that online check-in is not available you are strongly advised to allow plenty of time to check-in at the airport.

Given the nature of the issue is unknown, when the website is back up it is worth checking your Executive Club account and any future bookings to confirm everything is in order.

If you are travelling today you can also check live flight information on the websites of GatwickHeathrow and London City airports.

Edit: The website appears to be up and running at 20:00 BST.