The British airline announced yesterday that it was the victim of a “very sophisticated, malicious criminal” attack, reports Reuters. Between August 21 and September 5, the personal and financial details of customers linked to 380,000 web transactions were stolen in the hack. The information compiled in the hack included names, street addresses, email addresses, credit card numbers and expiration dates, and credit card security codes. British Airways CEO Alex Cruz confirmed that the hackers did not break BA’s encryption, but would not specifically state how they gained access, telling BBC Radio:
“There were other methods, very sophisticated efforts, by criminals in obtaining the data. It was having access to our systems in an illicit way, it was very sophisticated.”
If there is any bit of good news it’s that the hackers did not make off with people’s travel plans or passport numbers.