Security & Fraud

Researcher Says British Airways Hack Due To Skimming Malware

RiskIQ, the security firm, told outlets on Tuesday (Sept. 11) that the data breach at British Airways was due to credit card skimming installed by malware hackers.

According to reports, Yonathan Klijnsma, a threat researcher at RiskIQ, told the outlet that the same group of hackers that breached Ticketmaster may be behind the attack at British Airways, in which more than 380,000 credit cards were compromised. The researcher said the group was highly targeted in their approach, and that the British Airways breach was part of a broader plot to steal records from various websites.

"This British Airways attack was just an extension of this campaign,” said Klijnsma. “This attack is a simple but highly targeted approach compared to what we’ve seen in the past with the Magecart skimmer, which grabbed forms indiscriminately. This particular skimmer is very much attuned to how British Airways' payment page is set up, which tells us that the attackers carefully considered how to target this site instead of blindly injecting the regular Magecart skimmer.”

Last week, British Airways announced that it was hit by a customer data breach on its website and mobile app, affecting around 380,000 card payments. The airline told CNBC that the breach took place from Aug. 21 to Sept. 5 and is now resolved. The hack has been reported to the authorities, including the U.K. Information Commissioner’s Office (ICO). British Airways said the stolen data did not include travel or passport details.

“We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers’ data very seriously,” said Alex Cruz, British Airways’ CEO, according to Financial Times. The airline advised any customers who believe they may have been affected by the incident to contact their banks or credit card providers.

This is just the latest breach to hit an airline. In fact, there were 1,000 cyberattacks on aviation systems every month during 2016, according to the European Aviation Safety Agency. That same year, Vietnam Airlines had to complete its operations at airports by hand after hackers took down its website. Last year, LATAM Airlines and Ukraine’s Boryspil International Airport were both hit by ransomware.

——————————

NEW PYMNTS DATA: HOW WE SHOP – SEPTEMBER 2020 

The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.

TRENDING RIGHT NOW