September 12, 2018

British Airways breach caused by credit card skimming malware

A security firm says credit card skimming malware installed by hackers on British Airways’ website a few months ago was to blame for a data breach of over 380,000 credit cards.

Payments through the airline’s website and mobile app were stolen over the three-week period, but a key clue was that travel information wasn’t affected.

Yonathan Klijnsma, a threat researcher at RiskIQ, suspected it might be the same group that was behind the Ticketmaster breach, in which hackers targeted a third-party that loaded code on Ticketmaster’s various sites. From there, it could siphon off thousands of transactions.

This time, Klijnsma said the group took an even more “highly targeted approach,” describing a wave of attacks that the “Magecart” collective has used to steal thousands of records from various sites in recent months.

Get the full story at TechCrunch and Wired