News

BA reveals cyber breach... again

Cybersecurity
Just a month after reporting their last security breach British Airways have reported another cyber attack. The breach has affected 185,000 customers that made reward bookings using a card between 21 April and 28 July this year, with hackers stealing many customers' names, addresses, email addresses and card details.

Ross Brewer, VP and MD EMEA, LogRhythm, made the following comments, “Hot on the heels of the data breach disclosed only last month, British Airways has revealed that 185,000 customers could have had personal details stolen in another data breach. If I were BA, I would be very worried about the impact both breaches will have on the company’s reputation. The fact that both data breaches have taken place in the last six months is extremely worrying – and very embarrassing for the airline. One of the biggest concerns with both is that they have involved the theft of personal and financial information, which increases the severity of a data breach. With credit or debit card information it can make it much easier for hackers to commit identity fraud, as well as purchase items online, which will cause further headaches for victims as they race to cancel their cards.

“BA is a well-respected British company that prides itself on customer service and reliability, but these breaches indicate that this doesn’t extend to all areas of the business. It is crucial that organisations learn from these high profile breaches and recognise the responsibility they have in protecting their customers’ data. Today’s threat landscape is getting more and more complex by the day, so much so that IT teams are struggling to keep up. It’s therefore critical that they are automating threat detection by using tools such as NextGen SIEM and User and Entity Behaviour Analytics (UEBA) to identify and neutralise threats before any damage has been done.”