Displaying items by tag: British Airways

GUEST OPINION: Darktrace head of threat analysis Toby Lewis has released a statement discussing the implications of the recent ransomware attack on the MOVEit platform.

Data theft using a zero-day in the secure managed file transfer software MOVEit Transfer has been claimed to be carried out by the Cl0p ransomware group, with the incidents starting on 27 May.

Security firm RiskIQ says a wave of compromises of e-commerce websites earlier this year were carried out through use of a variant of the Ant and Cockroach skimmer which was connected to a group of attackers known as Magecart group 12.

A cyber crime syndicate known as Magecart, which is made up of dozens of sub-groups that indulge in credit card theft by skimming online payment forms, has been found to be implicated in more than two million such attacks.

Sites that have been decommissioned due to attacks by the card-skimming attack group Magecart are being hijacked and re-used for other malicious activity once they come back online by a secondary group of cyber criminals, the security firm RiskIQ claims.

British Airways faces a fine of £183.39 million (A$329.1 million) for infringements of the EU General Data Protection Regulation which occurred during a data breach in September 2018, the UK Information Commissioner's Office says.

Financial data stolen from British Airways in a recent attack by a group known as Magecart is being hawked on the dark web, the researchers who attributed the attack claim.

British Airways has updated its advice on a breach of customer data, saying the payments cards of another 185,000 people could be affected, in addition to the 380,000 first mentioned.

The American security firm Symantec says it has blocked nearly a quarter of a million attempts at what it calls "formjacking" — use of malicious JavaScript to steal credit card details and other information from payment forms on the checkout Web pages of e-commerce sites — since mid-August.

The malicious attacker, or attackers, known as Magecart, who infiltrated the British Airways website last month, have now attacked online retailer Newegg using a new domain named neweggstats.com that they registered in August.

Last year, human resources firm PageUp People was reported to be considering a listing on the Australian Stock Exchange. But given this year's massive data breach and the subsequent fallout, it would probably be a safe bet that the company has put those plans in cold storage.

Security firm RiskIQ has claimed that the breach of the British Airways website was carried out by a group known as Magecart which was also responsible for infiltrating the Ticketmaster UK website earlier this year.

The British Airways website breach appears to have been done through a cross-site scripting flaw, according to the chief executive of a Web automation company in the UK.

A well-known security researcher claims that, between 20 July and 20 August, British Airways changed the third-party JavaScript code it loads on its website as a result of a privacy complaint he had made.

The personal and financial details of 380,000 customers who made bookings with British Airways on its website ba.com between 21 August and 5 September have been stolen, the airline says.

A security researcher has asked British Airways to explain why its online check-in page leaks booking references and surnames to a number of third parties, among them Twitter, LinkedIn and Google Doubleclick.

Global satellite company Inmarsat has signed up the International Airlines Group (IAG), parent company of Aer Lingus, British Airways, Iberia and Vueling, as the launch customer for its European Aviation Network (EAN) high-speed in-flight broadband service.

United Airlines has claimed to be the first network carrier to adopt paperless flight decks, announcing earlier this week that it will deploy 11,000 iPads to replace traditional aeronautical navigation charts.

British Airways is trialling the use of Apple's popular tablet on its airliners to replace the traditional printed passenger roster.