British Airways said Thursday that the personal and financial details of customers making bookings between August 21 and September 5 were stolen in a data breach involving 380,000 bank cards.
“We are investigating, as a matter of urgency, the theft of customer data from our website and our mobile app. The stolen data did not include travel or passport details,” the airline said in a statement.
“The personal and financial details of customers making bookings on our website and app were compromised,” it said.
“The breach has been resolved and our website is working normally. We have notified the police and relevant authorities.
“We are deeply sorry for the disruption that this criminal activity has caused.”
BA said the breach took place between 2158 GMT on August 21 and 2045 GMT on September 5.
Around 380,000 payment cards were compromised.
BA advised anyone who believed they may have been affected to contact their bank or credit card provider and follow their recommendations.
As for compensation, BA said: “We will be contacting customers and will manage any claims on an individual basis.”
It said customers due to travel could check in online as normal as the incident had been resolved.
The National Crime Agency said: “We are aware of reports of a data breach affecting British Airways and are working with partners to assess the best course of action.”
The NCA is set up to tackle the most serious and organised crime posing the highest risk to public security in Britain.
– Past IT issues –
BA apologised in July after technology issues caused dozens of its flights to and from London Heathrow Airport to be cancelled.
The airline said the problem was down to an incident with an IT system.
And in May 2017, British Airways suffered a major computer system failure triggered by a power supply issue near Heathrow which left 75,000 customers stranded.
IAG, which owns British Airways and Spanish carrier Iberia, said last month that first-half profits more than doubled.
Earnings after taxation flew to 1.4 billion euros ($1.6 billion) in the first six months of 2018 compared with 607 million euros a year earlier, IAG said in a results statement.
The London-listed group, which is also the owner of Irish airline Aer Lingus and Spanish carrier Vueling, added that total revenues swelled three percent to 11.2 billion euros.
BA announced last month that it will halt flights to Tehran in September, citing low profitability as the US reimposes sanctions on Iran.
