EUROPE AFRICA AMERICAS APAC ME


Cyber-security firm claims to have discovered cause of BA’s data breach

Friday, 11 Sep, 2018 0

British Airways has refused to comment on claims by a cyber-security firm that it has found the malicious script that caused the recent data breach which affected 380,000 transactions.

RiskIQ claims the script was injected into both BA’s website and its app, allowing hackers to steal customer’s financial information.

One of its researchers has analysed code from BA’s website and app from late August when the airline was hacked and claims to have discovered a ‘skimming’ script, which it said was similar to one that targeted Ticketmaster’s website recently.

It said the code found on BA’s website was ‘very similar’, but was modified to suit the way the airline’s site was designed.

However, BA said: "As this is a criminal investigation, we are unable to comment on speculation."

In a report on his findings, which has been seen by the BBC, the RiskIQ researcher said: "This particular skimmer is very much attuned to how British Airway’s payment page is set up, which tells us that the attackers carefully considered how to target this site instead of blindly injecting the regular Magecart skimmer.

"The infrastructure used in this attack was set up with British Airways in mind and purposely targeted scripts that would blend in with normal payment processing to avoid detection."

RiskIQ said the malicious script grabbed data from BA’s online payment form, then sent it to the hackers’ server when the customer hit the ‘submit’ button.

The same script was found on the BA app on a page describing government taxes and carrier charges, said RiskIQ.

BA is facing compensation claims from some of the 380,000 customers whose information was stolen.



 

below social share icons
profileimage

Linsey McNeill

Editor Linsey McNeill has been writing about travel for more than three decades. Bylines include The Times, Telegraph, Observer, Guardian and Which? plus the South China Morning Post. She also shares insider tips on thetraveljournalist.co.uk



Cunard

Cunard is the operator of luxury cruise ships Queen Mary 2®, Queen Victoria® and Queen Elizabeth®. Renowned for impeccable White Star Service, gourmet dining and world...

P&O Cruises

Since 1932, P&O Cruises has offered Aussies and Kiwis the opportunity to take to the seas and have the holiday experience of a lifetime. Whether venturing near or ...

Destination British Columbia

Destination British Columbia (Destination BC) is a Provincially funded, industry-led Crown corporation that supports a strong and competitive future for BC’s tourism i...

Israel

From the Tel Aviv beach scene to the shores of the Dead Sea, Israel layers diverse cultures, outdoor adventures, and religious heritage onto a desert backdrop. Explori...

It’s More Fun in the Philippines

ABOUT THE PHILIPPINES Mabuhay! Welcome to our archipelago of 7,641 islands where there are endless beaches, lively and fashionable cities, smouldering volcanoes, and u...

Accor Group

Our leadership is bold. Our agility thrives on open innovation and we embrace the new, whether it’s diversity, trends, challenges. As change accelerates, we cont...

Punta Gorda / Englewood Beach

Discover Punta Gorda/Englewood Beach, also known as the Charlotte Harbor Gulf Island Coast. This natural wonderland is nestled in the heart of southwest Florida with k...

Stuba

The superpower in bed banks for 30 years We are an award-winning and trusted accommodation wholesaler since 1991. We are ISO 9001:2015 certified and have MSE2 rating f...

Latvia Travel

Latvia – a country in the Baltic region of Europe – may be small, but its pristine Baltic sea coastline and traditions tend to surpass even more iconic destinations of...

Visit Sweden

To say Sweden is fit for a fairy tale is not overstating it—the palaces dazzle, the boreal forests are brimming with mushrooms and berries, and magical Lapland is home...

American Tours International

From the beginning, ATI’s philosophy has been “innovation, not duplication.“ Developing specialized technology solutions to connect over 30,000 accommodation, attracti...

Babble Cloud

Babble is a leading technology business that is reimagining how we do work. Founded in 2001, the company works with over 4,000 organizations in a wide range of sectors...

Visit Santa Barbara

It’s easy to find perfection in Santa Barbara, but what if there was even more of your favorite finds, activities, events, shops, and restaurants that you had yet to d...

The Red Sea

In 2024, The Red Sea will be ready to welcome 300,000 guests in line with the completion of 16 hotels with 3,000 rooms across five islands and two inland sites (Jumeir...

Olympic Holidays

Family-owned Olympic Holidays has been arranging holidays to Greece, the Greek islands and Cyprus for more than half century. The company is unrivalled – and recognise...

Kiwi.com

We make travel accessible for everyone We believe everyone should be free to experience the world. For us, there’s no greater freedom than choosing where you want to b...

Celestyal Cruises

We’re the number one choice for travelers to the Greek Islands and Eastern Mediterranean – a fact we love to share! Our guests tell us it’s because we offer the only g...

Ecommpay

ECOMMPAY is an international payment service provider and direct bank card acquirer, engineering bespoke payment solutions for clients worldwide. Our payment gateway e...

Will the FIFA World Cup impact summer bookings?
Most Read
mostcomentedimg TAP Air Portugal to operate 29 flights due to strike on December 11
advisor_img

Phocuswright reveals the world's largest travel markets in volume in 2025
advisor_img

Higher departure tax and visa cost, e-arrival card: Japan unleashes the fiscal weapon against tourists
advisor_img

Cyclone in Sri Lanka had limited effect on tourism in contrary to media reports
advisor_img

Singapore to forbid entry to undesirable travelers with new no-boarding directive
advisor_img

Euromonitor International unveils world’s top 100 city destinations for 2025

Vegas’s Billion-Dollar Secrets – What They Don’t Want Tourists to Know

Visit Florida’s New CEO Bryan Griffin Shares His Vision for State Tourism with Graham

Chicago’s Tourism Renaissance: Graham Interviews Kristin Reynolds of Choose Chicago

Graham Talks with Cassandra McCauley of MMGY NextFactor About the Latest Industry Research

Destination International’s Andreas Weissenborn: Research, Advocacy, and Destination Impact

Graham and Don Welsh Discuss the Success of Destinations International’s Annual Conference

Graham and CEO Andre Kiwitz on Ventura Travel’s UK Move and Recruitment for the Role

Brett Laiken and Graham Discuss Florida’s Tourism Momentum and Global Appeal

Graham and Elliot Ferguson on Positioning DC as a Cultural and Inclusive Global Destination

Graham Talks to Fraser Last About His England-to-Ireland Trek for Mental Health Awareness

Kathy Nelson Tells Graham About the Honour of Hosting the World Cup and Kansas City’s Future

Graham McKenzie on Sir Richie Richardson’s Dual Passion for Golf and His Homeland, Antigua
TRAINING & COMPETITION
topnews
Holland America Line teams up ...
topnews
Central Florida Insider: Get t...
topnews
Crystal Launches Sell Three, S...
topnews
Introducing Inclusive Collecti...
topnews
Unlock Exclusive Benefits, Red...
topnews
Mālama Maui By Visiting Mindf...
Skip to toolbar
Clearing CSS/JS assets' cache... Please wait until this notice disappears...
Updating... Please wait...