Regulatory Story
Go to market news section View chart   Print

Update on British Airways cyber attack

Released 15:28 25-Oct-2018

RNS Number : 2296F
International Cons Airlines Group
25 October 2018



Further to International Airlines Group's (IAG) announcement on September 6, 2018 regarding the theft of its subsidiary British Airways' customers' data, the airline has been working continuously with specialist cyber forensic investigators and the National Crime Agency to investigate fully the data theft. It is updating customers today with further information as it concludes the internal investigation.


The investigation has shown the hackers may have stolen additional personal data and British Airways is notifying the holders of 77,000 payment cards, not previously notified, that the name, billing address, email address, card payment information, including card number, expiry date and CVV have potentially been compromised, and a further 108,000 without CVV. The potentially impacted customers were only those making reward bookings between April 21 and July 28, 2018, and who used a payment card.


While British Airways does not have conclusive evidence that the data was removed from its systems, it is taking a prudent approach in notifying potentially affected customers, advising them to contact their bank or card provider as a precaution.


In addition, from the investigation British Airways knows that fewer of the customers originally identified were impacted.  Of the 380,000 payment card details identified, 244,000 were affected.


Since the announcement on September 6, 2018 British Airways can confirm that it has had no verified cases of fraud.  


October 25, 2018                               




This information is provided by RNS, the news service of the London Stock Exchange. RNS is approved by the Financial Conduct Authority to act as a Primary Information Provider in the United Kingdom. Terms and conditions relating to the use and distribution of this information may apply. For further information, please contact or visit

London Stock Exchange plc is not responsible for and does not check content on this Website. Website users are responsible for checking content. Any news item (including any prospectus) which is addressed solely to the persons and countries specified therein should not be relied upon other than by such persons and/or outside the specified countries. Terms and conditions, including restrictions on use and distribution apply.


Update on British Airways cyber attack - RNS