Go Back  FlyerTalk Forums > Miles&Points > Airlines and Mileage Programs > British Airways | Executive Club
Reload this Page >

BAEC requesting sensitive personal info over email

BAEC requesting sensitive personal info over email

Reply

Old Nov 12, 18, 12:44 pm
  #1  
Original Poster
 
Join Date: Mar 2005
Location: Vancouver, BC
Programs: Aeroplan
Posts: 788
BAEC requesting sensitive personal info over email

I recently submitted a request to BAEC via BA's email form. The email that I got back requested, for the purpose of "Data Protection" that I provide:
- my BA Executive Club number
- registered home address including postal code
- my Passport number

I'm a little aghast as to how to proceed as I certainly don't want to provide this information in emails. This would be much easier over the phone, but I'm currently travelling and phone access is more difficult for me.
Frayed_Yak is offline  
Reply With Quote
Old Nov 12, 18, 3:09 pm
  #2  
Moderator, Iberia Airlines, Airport Lounges, and Ambassador, British Airways Executive Club
 
Join Date: Feb 2010
Programs: BA Lifetime Gold; Flying Blue Life Platinum; LH Sen.; Hilton Diamond; Kemal Kebabs Prized Customer
Posts: 38,801
Yes it's been like this for a few months, and you aren't the first to complain about it. From my very limited experience of this, you can make do with the last 4 digits, and explain that given BA's track record with data protection you're unwilling to provide more. And invite them to call you.
LTN Phobia likes this.
corporate-wage-slave is offline  
Reply With Quote
Old Nov 12, 18, 3:21 pm
  #3  
 
Join Date: Feb 2016
Location: LHR
Programs: BAEC Gold, UAMP Silver, HH Silver, IHG Gold Elite, Sixt Gold
Posts: 334
They do the same on Twitter as well...which IMO is even worse.

I am afraid they are overcompensating for recent data issues in a way that actually poses more risks than the ones it is aimed at solving.

BA could benefit from proper data privacy consulting.
bisonrav, argonath and SK like this.
frandrake is offline  
Reply With Quote
Old Nov 12, 18, 3:59 pm
  #4  
 
Join Date: Sep 2009
Posts: 129
Treat email as being as secure as a postcard.
rapidex likes this.
JohnIreland is offline  
Reply With Quote
Old Nov 12, 18, 5:12 pm
  #5  
 
Join Date: Dec 2009
Location: Flatland
Programs: AA EP 1MM, BA Gold, UA Peon
Posts: 5,239
Having to phone in to avoid more risk of them losing your data in transit is only going to make their phone desk even more overloaded.

How hard can it be to authenticate the user on the web interface, then store the message internally and respond on the website (send an email saying there is a response, but without content) - like banks do?
flatlander is offline  
Reply With Quote
Old Nov 13, 18, 12:47 am
  #6  
 
Join Date: Apr 2007
Location: UK/Australia
Programs: BAEC Gold, UA2MM, WY Gold
Posts: 1,941
Originally Posted by flatlander View Post
Having to phone in to avoid more risk of them losing your data in transit is only going to make their phone desk even more overloaded.

How hard can it be to authenticate the user on the web interface, then store the message internally and respond on the website (send an email saying there is a response, but without content) - like banks do?
Yes, I had this issue recently, and I decided not to respond to BA's email. No way am I going to send that kind of personal information via regular email.

I don't see why BA can't do what my bank does with secure messaging (oh wait, I'd forgotten about BA's incompetent management and its foreign outsourced IT provider).
Grace B is online now  
Reply With Quote
Old Nov 13, 18, 1:05 am
  #7  
 
Join Date: Aug 2010
Location: London Stratford, E7
Programs: BAEC Gold! Thanks to FT
Posts: 1,926
It seems they have relaxed the requirements as when. I booked the flight in which my card details were compromised, I inadvertently booked 2 tickets. I tweeted the BA team and they asked for s lot of information before they called me and cancelled the duplicate booking. When I asked BA for help with a recent query it was just 2 of a possible number of things so requirements were relaxed.
KeaneJohn is online now  
Reply With Quote
Old Nov 13, 18, 1:18 am
  #8  
FlyerTalk Evangelist
 
Join Date: Mar 2002
Location: Berlin, Germany; Toronto, Canada; and SW Florida, USA
Programs: UA 1K, BA Gold, Hyatt Globalist, and assorted others
Posts: 22,258
May I ask which part you are aghast about. All of that information is already circulating freely.
LondonElite is offline  
Reply With Quote
Old Nov 13, 18, 1:46 am
  #9  
 
Join Date: Jun 2014
Posts: 756
By comparison, I've had a couple of things connected with my BAEC account sorted out over Twitter (extremely promptly, I must say) without BA asking for any credentials or further 'security' information from me at all!
newyorklondon is offline  
Reply With Quote
Old Nov 13, 18, 2:23 am
  #10  
 
Join Date: Nov 2017
Location: GLA
Programs: BAEC: Silver. Nothing else as TopCashBack trumps all hotel programs
Posts: 641
Originally Posted by frandrake View Post
BA could benefit from proper data privacy consulting.
But that would cost money. Short sighted share holders no likely that.
cupsandsaucers is offline  
Reply With Quote

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Thread Tools
Search this Thread