IT systems failed and led to collapse at the airports
On August 7, 2019 in computer systems of British Airways there was a failure because of which tens of runs were delayed. The problem is aggravated with the fact that it arose in the period of a pica of holidays.
| ||We had some problems this morning, they mentioned terminals and front desks and also departures of airplanes … We work on as soon as possible to solve a system problem which led to canceling of a number of runs to short distances and delays at the London airports, says British Airways.|| |
The airline also told that some flights continue to be performed. Nevertheless the airline recommended to clients before coming to the airport, to check the relevant information on the website. The airline offers passengers, whose run was cancelled, an opportunity of its postponement for other days.
Because of malfunctions the company cancelled more than 90 runs at the London airports. Among them there is a run to St. Petersburg which had to arrive to Pulkovo at 2:45 p.m. on Moscow time. Also the departure from Pulkovo to London which according to the schedule had to go at 3:40 p.m. on Moscow time is cancelled.
Some users complain of problems with online registration for run while others write in social networks that they got stuck in airplanes which for hours could not take off.
The photographer Stewart Jackson on the Twitter blog wrote that it and other passengers got stuck in the airplane therefore he was not in time on connection flight, the made months plans were ruined and thousands of pounds sterling were lost.
Fine of 183.4 million pounds sterling for date leak of passengers
On July 8, 2019 the British Department of the representative for information ( The UK Information Commissioner’s Office, ICO) announced imposing on British Airways of a penalty in the amount of 183.4 million pounds sterling (about $230 million) for large-scale date leak.
| ||The law is extremely clear — if trust you personal data, then you should save them. Those who will not be able to cope with it will face careful check from my department — the commissioner of ICO Elisabeth Denem said.|| |
As notes BBC, the penalty became the biggest of all, ICO which ever are taken out. Besides, it was record for the airlines which allowed date leaks. The chairman of the board of directors and the CEO of British Airways Alex Cruz (Alex Cruz) said that the company "is surprised and disappointed" with the solution of the regulator.
| ||British Airways quickly reacted to criminal action for the purpose of theft of these clients. We did not find any proofs of fraud on accounts which theft concerned — Cruz reported. He also apologized to clients for the caused inconveniences.|| |
Initially British Airways stated that as a result of cyber attack to the website and mobile application of airline data of bank cards of 380 thousand clients could be stolen. However afterwards it became clear that leak concerned 185 thousand more passengers, than it was stated initially, and theft lasted not two weeks, and longer, Financial Times tells.
The penalty which is written out by British Airways will make 1.5% of world turnover of airline in 2017 (the greatest possible penalty in Great Britain for date leak makes 4% of turnover of the company).
Punishment of British Airways can become one of most noticeable within the general regulations of the EU about data protection (General Data Protection Regulation, GDPR) regulating distribution and use of personal data of Europeans which began to work on May 25, 2018.
The method of cracking of the website of British Airways is opened
On September 11, 2018 the method of cracking of the website of British Airways which led to the largest date leak at airline became known.
The Risk IQ company specializing in technologies of information security detected harmful lines in a program code of the website using which hackers could obtain data about 380 thousand clients of airline.
According to specialists, behind cyberattack on the website and mobile application of British Airways there is a hacker MageCart grouping which cracks services, implementing the script working by the principle of skimmers. Such miniature devices are installed by swindlers in the ATM for theft of banking data from owners of debit and credit cards.
Risk IQ told that the scheme of a skimming was adapted for the British Airways website. It was constructed in such a way that the harmful mechanism was built in payment processing therefore it was very difficult to notice fraud. Most likely, hackers got access to the website of airline for some time prior to the attack which happened from August 21 to September 5, 2018 as attack was well planned.
| ||This skimmer is very well adapted for the organization of payments on the website of British Airways. It demonstrates to what organizers very carefully thought over how to attack the website instead of blindly implementing the normal MageCart skimmer — said in Risk IQ.|| |
Leak of banking data of 380 thousand clients
At the beginning of September, 2018 it became known of large-scale date leak of clients of British Airways. As a result of the hacker attack information concerning payments according to cards about 380 thousand people which used services of the British airline was stolen.
The users making online armoring of tickets on the website and through mobile application of British Airways during the period from August 21 to September 5, 2018 suffered, the Reuters news agency with the link the statement of International Airlines Group holding which includes British Airways reports.
| ||British Airways contacts victims, we advise all clients who consider that this incident could affect them, contact the banks and follow their recommendations — reported in holding.|| |
The airline claims that vulnerability because of which there was a cyberincident is eliminated, and "compromised" there was only information on non-cash payments — passport data of holders of cards and data on the planned flights are not mentioned. Urgent investigation in cooperation with law enforcement agencies is made.
The CEO of British Airways Alex Cruz expressed a regret because of the incident and apologized to clients.
| ||We deeply regret for the violation caused by criminal acts. We very seriously treat data protection of our clients — the head of airline told.|| |
British Airways did not state the reasons because of which there was a large date leak of clients. The company only noted that problems are not connected with the decision on outsourcing of IT transactions.
According to The Guardian, after the incident can be fined by British Airways according to new general rules of data protection. The maximum amount of collecting for similar violations is 4% of global revenue. In a case with British Airways it is about 500 million pounds sterling.
2017: Large-scale failure in work of IT systems
On May 27, 2017 in computer systems of the British airline British Airways there was a large-scale failure which led to canceling of a set of runs. Losses of carrier as a result of an incident can make up to $200 million.
On May 27−28, 2017 from the airports of London about 75 thousand passengers could not get on flights of British Airways, over 1 thousand runs were cancelled or laid off. Those who managed to be replaced to runs of other airlines had to travel without baggage. Problems in work of British Airways matched the beginning of a week school break in Great Britain.
Canceling of flights happened because of malfunctions in a computer system which resulted from interruptions in power supply. Failure also affected the website and call center of the company. The airline did not detect proofs of participation of hackers in a problem.
Earlier British media assumed that the IT failure largest in recent years in an aviation industry happened because of optimization of British Airways of expenses and transfer a naautsorsing of some work types. The company denied this information.
According to estimates of Citigroup, an effect of computer failure will cost British Airways about 100 million euros. The bank counted that because of canceling of runs 175 thousand passengers suffered.
The The Times edition with reference to experts writes that the last will have to pay to each passenger who was affected by failure in work of airline from 225 to 540 pounds sterling, and the general loss of airline can exceed 150 million pounds sterling ($190 million).
In the International Consolidated Airlines Group aviagroup which part British Airways is, note that so far too early to do forecasts concerning the expenses connected with computer failure.
- ↑ British Airways flights disrupted by IT failures
- ↑ £ UK proposes 183m fine over British Airways data breach
- ↑ Inside the Magecart Breach of British Airways: How 22 Lines of Code Claimed 380.000 Victims
- ↑ British Airways website suffers data breach; 380.000 payments affected
- ↑ British Airways vows 'never again' after costly IT collapse