BANGKOK, 12 September 2018: If you were thinking of paying for a British Airways ticket using your credit card think again.
The latest reports from the UK claim 380,000 British Airways passengers were victims of a massive hack on the airline’s website and its mobile app last week.
Following a media storm, the airline confirmed hackers gained access to passenger identifies, home addresses, financial information, including credit card numbers, expiry dates and even the CVV codes.
It should make us all wonder just how secure are the popular comparison booking sites. We happily pay by credit card for airline flights and hotel stays without batting an eyelid. But can we assume that the independent booking sites have better security than what British Airways can muster?
Of course, the IAG group CEO, Wallie Walsh, who just won an award for contributions to Irish tourism should get off his potty and be responsible for once and resign. He won’t of course, even though the corporation he leads has failed to provide adequate security against one of the biggest cyber attacks involving any commercial airline worldwide. It doesn’t get worse than that.
UK media says 380,000 card payments were hacked, while the airline described the attack as “malicious” and “sophisticated.”
Of course it was malicious, but how sophisticated depends on the state of BA’s online security. Considering the penny pinching policies of this particular airline perhaps the system was not as sophisticated as it should have been.
The airline is telling passengers to “contact their banks or credit card providers and adopt instructions to minimize potential financial losses.”
When challenged the airline said it was ready to reimburse losses incurred by passengers that could be linked to the hacking.
Police are investigating the incident, which is not very reassuring for those who fear their bank accounts and credit cards have been compromised. The incident gives scammers and criminals a harvest of data and information that can be used to steal millions from people who used their cards to buy tickets.
Experts suggest that the data stolen is usually sold on to third parties in a matter of minutes, making it difficult to trace. Not at all reassuring for the travellers who trusted an airline’s security systems.
While we all love the convenience of buying travel online and even moving to the era of electronic wallets and cashless payments through mobile apps there is another side to the story. Are our travel providers up to the challenge of providing hack-proof payment environments?
Personally, I doubt it and my response is to always use the option to pay cash at the nearest convenience store to minimise the use of credit cards. If an airline doesn’t offer the cash over the counter option then I go to a competitor who does.
As for third party comparison sites are they as secure as they claim to be? Not a word on that so far.