BAEC password compromise

Reply Subscribe

Thread Tools

Search this Thread

Oct 25, 2018, 9:27 am

London_traveller

Original Poster

Join Date: Oct 2008

Location: London

Posts: 1,503

BAEC password compromise

My BAEC account password was recently compromised (not from me as I never divulge it) and can see some spam emails quoting my password back to me.

Are BA certain that BAEC account passwords were not compromised during the recent data leaks? I had to speak to someone at BAEC to try and reset my password as the site was playing up when I tried. I mentioned the compromise and asked whether it was linked to the recent data theft, but didn't get a clear answer.

Oct 25, 2018, 9:33 am

DYKWIA

Ambassador: Emirates Airlines

Join Date: Sep 2004

Location: Manchester, UK

Posts: 18,613

Quote:

Originally Posted by London_traveller

There was another thread about this recently where a few people said their BA password had been compromised.

Enter the password into the following site, and it will tell you if it's been leaked (it's perfectly safe) :-

https://haveibeenpwned.com/Passwords

Edit : this is the thread :-

And so it begins — blackmail attempt following BA data theft

Oct 25, 2018, 9:38 am

Seraglio

Join Date: Apr 2018

Programs: BAEC Gold

Posts: 117

My password was compromised just a few days ago. I only use this particullar password for BA and changed it after the hack a few weeks ago.
Now i hat to change it again. It might be a new issue.

Oct 25, 2018, 9:43 am

London_traveller

Original Poster

Join Date: Oct 2008

Location: London

Posts: 1,503

Thanks for this info - that's the thread I need!

Oct 25, 2018, 10:38 am

flatlander

Join Date: Dec 2009

Location: Flatland

Programs: AA Lifetime Gold 1MM, BA Gold, UA Peon

Posts: 6,111

Bear in mind the possibility that some device you used to access the account has been compromised and that credentials were stolen there.

plunet and BHD Belle like this.

Oct 25, 2018, 11:25 am

plunet

Join Date: Jan 2016

Location: LON

Programs: BAEC

Posts: 3,916

Yep, we're all quick off the mark to blame the provider for leaking a password and whikst there are a large number of websites need to their game, the balance probability these days is that malware on an end user device has sniffed the password and compromised it more often than it being compromised by the service provider.

Oct 25, 2018, 11:49 am

DYKWIA

Ambassador: Emirates Airlines

Join Date: Sep 2004

Location: Manchester, UK

Posts: 18,613

Quote:

Originally Posted by plunet

Yep, we're all quick off the mark to blame the provider for leaking a password and whikst there are a large number of websites need to their game, the balance probability these days is that malware on an end user device has sniffed the password and compromised it more often than it being compromised by the service provider.

BA have proved that they don't take their data responsibilities seriously, so I'd say there's a good chance that they've also leaked passwords - maybe without even knowing it. Look at the thread I linked, and there are a few people there that also have their unique BA passwords compromised. People who use unique passwords tend to be a bit more clued up about being secure in my experience, so less likely to have their data "sniffed".

Oct 25, 2018, 12:45 pm

T8191

FlyerTalk Evangelist

Join Date: Mar 2010

Location: JER

Programs: BA Gold/OWE, several MUCCI, and assorted Pensions!

Posts: 32,145

How many people use 'AlexCruz' as a password?

Oct 25, 2018, 12:50 pm

PAL62V

Join Date: Mar 2010

Posts: 1,754

And this is why I’m happy to renter my passport details each time I make a booking instead of letting BA store them.

Oct 25, 2018, 2:32 pm

#10

stuart_f

Join Date: Apr 2015

Location: Oxford

Programs: Skyteam Elite+, VS Red, HHonours Diamond, Accor Plat

Posts: 629

Tonight BA admitted to a second data breach. The original one compromised data from 21 August to 5 September. Tonight's admission adds in a second period:

Quote:

Those impacted were people making reward bookings between April 21 and July 28, 2018 and who used a payment card.

It would not surprise me if other vulnerabilities are also lurking in BA's website waiting to be admitted to.

Oct 26, 2018, 3:41 am

#11

London_traveller

Original Poster

Join Date: Oct 2008

Location: London

Posts: 1,503

Quote:

Originally Posted by plunet

Well, quite possibly.

The two massive data breaches by BA over recent months are merely a coincidence

Oct 26, 2018, 5:05 am

#12

flatlander

Join Date: Dec 2009

Location: Flatland

Programs: AA Lifetime Gold 1MM, BA Gold, UA Peon

Posts: 6,111

One still should check one has not stepped in the dog-dirt with one's own shoes before blaming the other party for bringing the stench.

bisonrav likes this.

Oct 26, 2018, 5:16 am

#13

mickeyjaw

Join Date: Jan 2016

Programs: BAEC Silver, Avis Preferred, Hilton Gold

Posts: 521

Quote:

Originally Posted by T8191

How many people use 'AlexCruz' as a password?

At least one person does according to haveibeenpwned.com!

Worcester likes this.

Oct 26, 2018, 5:19 am

#14

xlcus

Join Date: Jun 2018

Programs: BAEC

Posts: 10

The sad thing is that I got notification from Amex (BA Amex card) to say that they were monitoring my account and not to worry - before I got any notification from BA.... (both times!)

Reply Subscribe

Reply Share

First
Prev
1 / 1
Next
Last

Forum Jump