And so it begins — blackmail attempt following BA data theft
#19
Join Date: May 2006
Location: 5 miles from EMA
Programs: BD, BAEC Pleb, VS Pleb, Accor Pleb, HHonors Gold, Big White Season Pass
Posts: 5,925
But ba.com passwords were not taken in the data breach. It's not only that BA has identified which (other) pieces of information were taken, but none of the independent reports about how it was done have suggested that ba.com passwords were vulnerable to this.
So that suggests one of at least two things:-
- Your ba.com password was taken by other means not involving BA.
#21
Join Date: Aug 2018
Programs: British Airways Executive Club, Virgin Flying Club
Posts: 154
#22
Join Date: Aug 2017
Programs: BAEC
Posts: 461
I tried the password I used to have for BA.COM on haveibeenpwned.com/Passwords and there was a hit. It is a password I only used on BA.COM and have changed since the data breach. I was technically not affected due to making no purchases in the time frame we have been told about and also it was not supposed to include the BA.COM password. However, passwords for other sites are not hit so there are a couple of possible explanations:
1) A further hack of BA that we have not been made aware of (maybe they are not aware of it themselves)
2) That password exists out in web world somewhere for another userid / website combination (albeit it was unusual and not a real word)
We have countless spam of the kind OP refers to relating to a very old password on a site that was known publicly to be breached. We have a rule that immediately deletes them so we only know when looking at our webmail server but they do appear many times per day. The first one was referred to Action Fraud but how on earth they go about finding the perpetrators is something of a mystery.
Last edited by Ladyfliestheredwhiteandblues; Sep 27, 2018 at 7:39 am Reason: Formatting
#23
Join Date: Jun 2009
Location: Somewhere
Programs: Delta Plat
Posts: 3,363
If your password is unique to BA I suggest you run a virus scan on your computer and maybe even on your phone. Might indeed have a keylogger.
This reminds me of the time I got a knock on my door and my landlord asked me to help her son with his computer.
When I went downstairs to check the computer, I see her son packing and saying he was moving to Mexico.
When I asked why, he showed me his computer. On the screen was a webcam still of him with a finger in his nose, a can of Mountain Dew in one hand and headphones on, with 1 hell of a scared look.
Under it was the wording "we caught you, we will report you to the FBI you have been looking at illegal pornography if you don't want us to report you to the FBI pay us 400 dollars via prepaid gift card"
#24
Join Date: Nov 2006
Programs: Seniors Bus Pass
Posts: 5,531
This was reported in a number of places. It is an "improved" variety of the original that came without the password. According to this item from Brian Krebs the passwords appear to have been compromised some years ago:
https://krebsonsecurity.com/2018/07/...omment-page-3/
#25
Join Date: Aug 2015
Posts: 540
#27
Join Date: Dec 2009
Location: Flatland
Programs: AA Lifetime Gold 1MM, BA Gold, UA Peon
Posts: 6,113
I've been getting those for months for a password that, if it's correct, leaked long ago from some small website. I can't even find out which website it is. They're hilariously persistent and implausible. Treat them just like the final demands for payment for things you never ordered, the tax adjustment notices, and so on: file them in the circular filing cabinet.
#28
Join Date: Aug 2018
Location: Cambridgeshire
Programs: BAEC Bronze; ALL Gold
Posts: 128
I get these occasionally but they are not personalised in any way. A friend however was very unnerved to get his first example (on a Mac) which included part of his phone number. I pointed out that the format was the same as those confirmation of ID messages that say 'your phone number is xxxxx xx1234' so it was unlikely they had the whole phone number or they would have included it for added verisimilitude.
#29
Join Date: Aug 2012
Location: SJO - MAN - LAX
Programs: MileagePlus Gold, Avis PP, National EE, Lifemiles Silver, ConnectMiles Gold
Posts: 532
Someone has been watching way too many repeats of Black Mirror episodes. What's next, they make you go pick up a cake and deliver it to a motel room?
I would respond in big capital bold letters to F OFF.
#30
Ambassador: Emirates Airlines
Join Date: Sep 2004
Location: Manchester, UK
Posts: 18,650
I find it incredible that people are jumping to defend BA here, and blaming the OP for using passwords across sites or being infected with a key-logger.
2 people on this thread appear to have had their BA passwords stolen (there are 29 posts so far) by whatever means.
I've checked mine on the link above, and I seem to be in the clear. However, I'll be changing my BA password after I've finished writing this!
Edited to add... we've seen quite a few cases on here where people's accounts have been compromised. Again this was generally blamed on the OP for lax security. If this turns out to be another breach by BA...