IAG Share Price Hit After British Airways Data Hack
(Bloomberg) -- The hack of British Airways’s website that compromised personal and financial details of hundreds of thousands of customers hasn’t resulted in any cases of fraud thus far, Chief Executive Officer Alex Cruz said in an interview.
“As of 10 minutes ago, we don’t have any verified cases of fraud in any of the cases we have inspected,” Cruz said by phone at 2 p.m. in London. An internal team is working with police to investigate what the CEO has described as a sophisticated, malicious and criminal attack. Cruz said he was as yet unable to comment on the origin of the attack.
A spokeswoman for Prime Minister Theresa May said her office was working with the National Crime Agency and the National Cyber Security Centre to better understand the incident.
BA has been in touch with clients to make sure they contact their credit card providers to manage the data breach, following the revelation that hackers made off with card information -- including expiry dates and security codes -- from 380,000 web transactions. The carrier has promised to reimburse customers for any financial losses.
Shares in parent International Consolidated Airlines Group SA fell 1.8 percent to 669.20 pence at 3:27 p.m., paring a drop of as much as 5.8 percent.
“BA has always invested in absolutely the very best technology available,” Cruz said. “This is the attitude and will continue to be the attitude going on. We remain absolutely committed to increasing this spending on a yearly basis.” The carrier had never had such a breach in 23 years of hosting the website, he said.
The break-in lasted for more than two weeks, from Aug. 21 through Sept. 5, BA’s parent said in a statement Thursday. During that time, the intruders vacuumed up account numbers and personal information of customers making flight reservations from its website and its mobile app. The stolen data didn’t include travel or passport details, BA said.
“Will it be the last? No. It’s certainly not the first,” Tim Clark, president of Emirates, the world’s biggest long-haul carrier said in an interview with Bloomberg TV on Friday. “We all have to spend a lot more time and money on cyber security in trying to outwit, outperform those attempting to take us down.”
The breach sheds light on the difficulty companies have in protecting the customer information they store in networks that have become the backbone of their operations, said Israel Barak, chief information security officer at Cybereason, a Boston-based security software company.
“For the consumer, they should be working under the assumption that their personal information has been compromised many times over,” Barak said.
Monzo Bank, a U.K. mobile banking startup, ordered 1,300 replacement debit cards for customers who spent money with BA over the two-week period of the hack, Chief Executive Officer Tom Blomfield tweeted, adding that its customers will be notified if they are believed to have been affected.
The intrusion is the latest glitch to hit BA. Last year a power surge led to the breakdown of the carrier’s communications system, grounding London operations and causing travel chaos over a busy holiday weekend. That incident put Cruz on the hot seat just a year into the job.
BA said it’s advising customers who may be affected to contact their banks. It promised to pay for credit checks and reimburse those who lost money, managing claims case by case.
©2018 Bloomberg L.P.