SITA [airline IT provider] data breach, some BAEC data compromised
#91
Join Date: Nov 2017
Programs: BA
Posts: 105
hence they never actually use the systems or apps.
I have reset my password and, like you, cannot login via email or membership number.
I haven’t used my username for years and don’t remember what it is.
There is no way the person who provided this ‘solution’ is a user (of BA’s services).
and if they are - they need to seek professional help!!!!
#92
Join Date: Feb 2016
Posts: 22
So I can not log into my account nor can I reset the password and this is all because some website which stores my BA number and seat preference has been hacked? I suppose BA have learnt some lessons from the previous fines but goodness me this is completely over the top.
#93
Join Date: Feb 2016
Posts: 22
Just about every email from BA include points and status. The odd thing about the email is it isn't addressed to me personally but rather with generic 'dear customer'.
#94
Join Date: Jun 2008
Location: BER
Programs: BAEC GGL/GfL, Lufthansa SEN, Hilton Diamond, misc other stuff
Posts: 1,374
That doesn't make it any better. As a third party I can see if it's worth breaking into somebody's BA account because when I just request the reset I can see status and Avios information. They are including information in those emails (esp the reset mail) that does not have to be included.
#95
Join Date: Oct 2012
Location: Helvetia
Programs: AS; BA Silver; UA; HH Gold; Sprüngli Connaisseur
Posts: 2,912
#96
Join Date: Apr 2007
Location: UK/Australia
Programs: BAEC Silver, UA2MM, QF Platinum, VA Platinum., Volare Executive Club
Posts: 2,512
#97
Join Date: Aug 2015
Location: Effectively grounded
Programs: BA GGL for a little while longer
Posts: 844
Weirdly enough, having read through this thread, I logged straight into my BA account using current username and password. No lockout, no forced password change, no 2FA... In fact, sweet FA
Edit
For clarity, I first logged on via the App, then subsequently the website. No messages, no action required, nothing...
Edit
For clarity, I first logged on via the App, then subsequently the website. No messages, no action required, nothing...
Last edited by OverTheHorizon; Mar 6, 2021 at 12:39 am
#98
Join Date: Sep 2013
Programs: BA Silver, ICH Plat Amb
Posts: 198
Fixed!
Last night I received this email for multiple accounts in the hha.
For each account I received the email, I couldn't access.
I could successfully change the password (logging on using baec account number) but then still couldn't access the account.
As per this thread I tried accessing using email without success, and I don't know my username.
Left it overnight
Tried this morning with my new password and it's working!
I also noticed that I didn't receive emails for every account in my hha. For those without emails, I could access without changing my password.
For each account I received the email, I couldn't access.
I could successfully change the password (logging on using baec account number) but then still couldn't access the account.
As per this thread I tried accessing using email without success, and I don't know my username.
Left it overnight
Tried this morning with my new password and it's working!
I also noticed that I didn't receive emails for every account in my hha. For those without emails, I could access without changing my password.
#99
Join Date: Jul 2007
Location: Berlin
Programs: BA Gold; Accor Plat; IHG Diamond-Amb; Meliá & HH & Marriott Gold
Posts: 5,450
Yes, that seems to be the Saturday morning situation. Yesterday evening my partner and I both got emails. The BA app showed a message and then logged me out.
I made a note to reset passwords this morning, but ba.com let me log in as usual and the app allowed me to log in again too, both using my old username and password.
Let's see what tomorrow brings... If there has been a breach then at some point new passwords will be needed.
I made a note to reset passwords this morning, but ba.com let me log in as usual and the app allowed me to log in again too, both using my old username and password.
Let's see what tomorrow brings... If there has been a breach then at some point new passwords will be needed.
#100
Join Date: Oct 2019
Location: clue is in the nym
Programs: BA Gold, TP Gold, VS Gold, Hilton Diamond, IHG Diamond, Hyatt Globalist, Marriott Platinum
Posts: 833
Another data point -
- Saw the thread last night, tried logging in using BAEC number and existing (unique) password - No Success.
- Received email from BA advising of SITA breach and recommending password change
- Slept on it and figured I'd address the problem over the weekend
- Tried logging in this morning using BAEC Number and existing (unique) password - Success
#101
Join Date: Nov 2017
Posts: 389
no problem accessing my account this morning.
And a thought... if SITA does not have the account password, what is the point of now changing it? it won't change the fact that someone may have your EC number or now know you like a window seat.
And a thought... if SITA does not have the account password, what is the point of now changing it? it won't change the fact that someone may have your EC number or now know you like a window seat.
#104
Join Date: May 2014
Posts: 7,237
Anyway, I don't understand all the brouhaha on these pages. I got the email, went on BA.com, reset the password, job done.
Then I promptly forgot the password but that's because I'm a muppet.
#105
Join Date: Jun 2005
Location: KSA
Programs: BA LTG, UA Gold, EK Silver, Hilton LT Diamond, Marriott LT Titanium, IHG Plat
Posts: 1,242
Check out https://www.pcmag.com/picks/the-best-password-managers for an idea of what to use