British Airways has revealed that the data breach that hit thousands of its customers last month is actually much bigger than originally thought.
In a statement to the stock market (opens in new tab), the airline's owner, International Airways Group (IAG) said additional 185,000 customers may have been affected by last month's breach.
The airline first claimed they've had data on 380,000 passengers compromised, only later to downgrade that estimate to 244,000.
The company said all affected customers will be notified by Friday, 5PM. IAG added it does not have “conclusive evidence” that any data has been removed from its systems. Still, it advises its customers to contact their card issuer 'as a precaution'. It concluded the announcement saying British Airways has been 'working continuously with specialist cyber forensic investigators and the National Crime Agency to investigate fully the data theft”.
The group behind the attack on British Airways seems to be Magecart. Security researchers at RiskIQ are saying it's the same group that was behind the Ticketmaster incident. According to the company's press release at the time, it first suspected Magecart was behind the attack after learning that it was web-based. It used its global web-crawling network to “confirm this assumption”.
Comparing the two events, they seem to be almost identical, with one key difference: “instead of compromising commonly used third-party functionality to gain access to hundreds of sites at once, Magecart operatives compromised the British Airways site directly and planned their attack around the site’s unique structure and functionality.”
Image Credit: Bychykhin Olexandr / Shutterstock