British Airways has said that an additional 185, 000 customers may have become the victims of the cyber attack as the investigation has shown the hackers may have stolen the personal details of the passengers earlier this year.
The latest additional figure includes the holders of 77,000 payment cards whose personal details including name, address, e-mail address, card payment details, expiry date, and card verification value (CVV) have potentially been compromised.
In addition to the above, a further 108,000 customers personal details without CVV have also compromised, IAG said in a statement on Thursday (25).
The potentially impacted customers were those only making reward bookings between April 21 and July 28, 2018, and who used a payment card.
“While we do not have conclusive evidence that the data was removed from British Airways’ systems, we are taking a prudent approach in notifying potentially affected customers, advising them to contact their bank or card provider as a precaution. Customers who are not contacted by British Airways by Friday 26 October at 1700 GMT do not need to take any action,” the company said in a statement.
“In addition, from the investigation, we know that fewer of the customers we originally announced were impacted. Of the 380,000 payment card details announced, 244,000 were affected. Crucially, we have had no verified cases of fraud,” the company added.
Since the announcement by the company on September 6, 2018, regarding the theft of customers’ data, British Airways has been working continuously with specialist cyber forensic investigators and the National Crime Agency to investigate fully the data theft. The company updating customers with further information as it concludes its internal investigation, the company said.
