FlyerTalk Forums - View Single Post - How to report a glaring security hole in BA.com ?
Thread: How to report a glaring security hole in BA.com ?
View Single Post
Old May 31, 2018 | 6:25 am
  #11  
gingerlucy
50 Countries Visited
All eyes on you!
10 Years on Site
 
Join Date: May 2012
Location: London, UK
Programs: BA Gold, SAS Eurobonus Gold, Hotels.com Gold
Posts: 493
Originally Posted by cgtechuk
Hi,

As a career one of the things I am responsible for is IT Security.

I have found a security issue on the website which exposes the users password and email address and for obvious reasons I will not post it on FT or to anyone other than the appropriate person at BA.

Having looked through the website and to a pile of other contact us pages there is no contact for the web team / security team,

Does anyone know a way of reporting this correctly?

If it is to do with user e-mails could you approach their Data Protection Officer? Under the shiny new GDPR legislation this should make them jump pretty quickly as them going astray would be a serious breach under something which is very much of interest right now.

[email protected] per the bottom twisty thing of https://www.britishairways.com/en-gb...privacy-policy
gingerlucy is offline