BA pledges compensation for customers hit by data breach
380,000 customer details accessed over 2 weeks during summer
British Airways said it would compensate customers who had data stolen after the airline revealed credit card and personal details were compromised over a two week period.
IBEX 35
11,034.80
18:44 22/04/24
International Consolidated Airlines Group
€2.03
18:15 22/04/24
Shares in IAG, BA's parent company, fell 2% in morning trade. The breach took place between 22.58 BST on 21 August and 21.45 BST on 5 September on the firm's website and mobile app.
The cyber-attack was discovered on 5 September, when a partner alerted the airline, which launched an investigation. The breach hit 380,000 customers, but did not include travel or passport details.
"It was name, email address, credit card information - that would be credit card number, expiration date and the three digit [CVV] code on the back of the credit card," said BA chief executive Alex Cruz.
BA said any customers who believe they may have been affected by this incident to “contact their banks or credit card providers and follow their recommended advice”.
"We are committed to working with any customer who may have been financially affected by this attack, and we will compensate them for any financial hardship that they may have suffered."
“The moment that actual customer data had been compromised, that’s when we began immediate communication to our customers,” he told the BBC.
"At the moment, our number one purpose is contacting those customers that made those transactions to make sure they contact their credit card bank providers so they can follow their instructions on how to manage that breach of data."
BA came in for heavy criticism last year when a computer system failure left thousands of passengers stranded for days.