British Airways breach: How did hackers get in?

British Airways has revealed that hackers managed to breach its website and app, stealing data from many thousands of customers in the process. Names, email addresses and credit card details including card numbers, expiry dates and three-digit CVV codes were stolen by the hackers. Prof Woodward points out that this is an increasing problem for websites that embed code from third-party suppliers - it's known as a supply chain attack. There is no way of knowing for sure if something similar has happened to BA. Prof Woodward points out it may just as easily have been a company insider who tampered with the website and app's code for malicious purposes. Because CVV data, the three-digit security code on credit and debit cards, was also taken in the attack, it is indeed likely the details were lifted live, according to Robert Pritchard, a former cyber-security researcher at GCHQ and founder of private firm The Cyber Security Expert.

Read the full story

 Related companies

Make a complaint about British Airways by viewing their customer service contacts.

•