Print This Page

Malicious Code That Impacted 380,000 Customers of British Airways Found

A private cyber security firm has found the malicious code responsible for the recent security breach on British Airways’s website and mobile app, an attack which impacted 380,000 people from August to September 2018.

The code was confirmed to be a “skimming” script; code intended to steal financial data from online payment forms by blending in with normal payment processing to avoid detection. Experts believe the attack was calculated and specifically targeted British Airways because of how the code was tailored to function within the website and app. Data submitted to the fake payment form was sent to the hackers’ server, which includes both credit card information and personal details.

Cyber security experts warn that the weakest link in protection is when third-party code are implemented into the payment chain of an organization. Many companies utilize third-party apps or script when establishing payment methods on their website or mobile apps. It is likely attacks of this nature will continue to be successful unless precautions are taken seriously and implemented effectively by experienced IT professionals.

Is your business vulnerable? Call 914-934-9775 and ask our representative how PCI can help improve your cyber security and prevent security breaches from bringing down your business.

What happened to British Airways?

A security breach took place between August 21st and September 5th, 2018 that compromised the personal and financial information of 380,000 customers making or changing bookings on the British Airways website and mobile app.