According to media reports, customers of British Airways have fallen victims of a severe data breach and all signs point to a crime gang MageCart. The largest airline in the United Kingdom is investigating the theft of customer data which lasted from August 21 to September 5, 2018. Reportedly, hackers obtained personal and financial details of users who were making bookings and changes on the website ba.com and the airline’s app over the mentioned period. The company assures that the data did not include travel or passport details.
A malicious script created by MageCart was loaded from a baggage claim information page on the airline website. The hackers managed to alternate an original code at Modernize JavaScript Library without causing harm to the script and allowing the system to continue its operations. However, thanks to the attached modification all payment information was sent to the attackers’ server after a customer entered his payment credentials in the British Airways webpage or the app.
The MageCart has been active since 2015. The group is known for compromising e-commerce websites to steal payment and other sensitive details using digital card skimmers, devices hidden within credit card readers on ATMs and other machines used on daily basis for payments and operations with credit and debit cards. Further, they can use the collected information themselves or sell it to other parties.
The affected customers can expect British Airways will contact them in the near future informing about details of the case. However, they should be aware of highly possible attempts by fraudsters claiming to be British Airways and trying to gather personal information by deception. Suspicious requests should be reported to the police and relevant authorities.
AM, Verificators
Source: British Airway
