More creations to inspire you
Transcript
British Airways
Data breach
case study.
Situation
- British Airways (BA) suffered a major data breach in 2018
- Over 350,000 BA passengers' personal information, such as name, address, emails and bank account details were accessed by hackers
- British Airways were originally fined £183 million for the breach, but it was signifianly reduced to £20 million
- Compensation was paid to customers whose data was stolen
Key facts
The ICO ( Information Commissioner's Office ) claimed the attack happened after the British Airways website was diverted to a fake site. Alan Woodward, who wiorks for computer security, says the attack was most likely carried out through a supply chain attack on a third party payment utility used by BA.
what we know
Problem statement
This breach did not impact passport numbers or travel information.
Accordiong to riskiq, the hacking group behind this is called magecart
RiskIQ was a cyber security company based in California, USA, which provided detecting services for online security threats. It was bought by Microsoft in 2021 for $500,000,000. They believed that the criminals behind this cyber attack form a group called Magecart. Their main objective is to use online skimming to obtain personal data.
Bad afffect on BA's reputation, as many people were impacted and reviews weren't as good as they used to be
Due to cost cutting, brought on by the ICO's fine, customersd say quality of services has decreased
case study.