Last week, British Airways announced that their credit card database was hacked. Now the attackers have been found.
It was just a week ago when British Airways announced that it had breached by hackers. The hackers had breached a database used by the company’s app and website, and the main purpose of the attack was the theft of customer credit card information. Now researchers say they know where the attack came from.
The attack came from the criminal operation known as Magecart which was first discovered by researchers in 2015. This is the same group that had carried out previous attacks via the chat function in apps and sites to grab payment information in what is said to be thousands of such attacks. The most well known of those attacks was on Ticketmaster. The attackers inserted malware through Java Script that works on the check out screen and grabs credit card info.
According to British Airways, the breach affected 380,000 customers who used the company’s website or app between August 21 and September 5. While these attacks will generally only affect a website, British Airway’s app developer chose to load the website’s payment interface directly into the app. What may have been a matter of convenience to the app developer, insured that the attack affected both the site users, and the app users.