A hacker group with ties to Russian organized crime is being blamed for the security breach at British Airways in which sensitive passenger and credit card data was stolen over a period of more than two weeks this summer. Authorities say the syndicate has used similar attacks in the past to skim funds from credit card accounts.
A cyber-attack on British Airways may have exposed the personal details of as many as 380,000 customers who used the airline’s website and mobile apps between August 21 and September 5 of this year. BA CEO Álex Cruz called the breach a “sophisticated, malicious criminal attack.” Although the airline reports that passengers’ sensitive financial details were compromised, it is not thought that any passport information or private travel histories were accessed in the hack.
According to a report from The Telegraph, a hacker group with ties to the Russian mob is the likely culprit behind the attack, which is said to have exploited security vulnerabilities in the airline’s interactive baggage tracking applications. The so-called Magecart black-hat hacker group is also believed to be behind a similar cyber-incursion at Ticketmaster this June, in which the financial information of nearly 40,000 customers was compromised.
Investigators say Magecart was linked to the British Airways attacks through signature lines of code maliciously inserted into the IT systems at both British Airways and Ticketmaster. The group has been on the radar of law enforcement for nearly three years. The credit card skimming syndicate is said to have close relationships with organized crime in former Soviet Bloc countries, including Romania and Lithuania as well as Russia.
British Airways says that it has reached out to affected passengers to apologize for falling victim to the “criminal activity.” The airline told customers that it will introduce a series of measures to reduce the harm caused by the recent cyber-incursion.
“We take the protection of our customers’ data seriously and are very sorry for the concern that this criminal activity has caused,” the carrier said in a message apologizing for the breach. “We will continue to keep our customers updated with the very latest information. No customer will be out of pocket as a direct result of the criminal theft of data from ba.com and the airline’s mobile app … We will be offering a 12-month credit rating monitoring service to any affected customer who is concerned about an impact to their credit rating, provided by specialists in the field and will share details of this in the near future.”