British Airways

British Airways found a security bug which has the potential to expose passengers’ data, including their flight booking details and personal information.

It was an attack that could expose victims’ booking reference numbers, phone numbers, email addresses and more.

It was found that bad actors could either view the victim’s personal data, or manipulate their booking information.

The exposed information includes email address, telephone numbers, BA membership numbers, first and last name, booking reference, itinerary, flight information like flight number, flight times, and seat number.

Source: https://threatpost.com/british-airways-e-ticketing-flaw-exposes-passenger-flight-personal-data/147260/

TPRM report: https://scoringcyber.rankiteo.com/company/british-airways

"id": "bri0563423",
"linkid": "british-airways",
"type": "Data Leak",
"date": "08/2019",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Aviation',
                        'name': 'British Airways',
                        'type': 'Company'}],
 'attack_vector': ["View victim's personal data",
                   'Manipulate booking information'],
 'data_breach': {'personally_identifiable_information': ['email address',
                                                         'telephone numbers',
                                                         'BA membership '
                                                         'numbers',
                                                         'first and last name'],
                 'type_of_data_compromised': ['email address',
                                              'telephone numbers',
                                              'BA membership numbers',
                                              'first and last name',
                                              'booking reference',
                                              'itinerary',
                                              'flight number',
                                              'flight times',
                                              'seat number']},
 'description': 'British Airways found a security bug which has the potential '
                'to expose passengers’ data, including their flight booking '
                'details and personal information. The exposed information '
                'includes email address, telephone numbers, BA membership '
                'numbers, first and last name, booking reference, itinerary, '
                'flight information like flight number, flight times, and seat '
                'number.',
 'impact': {'data_compromised': ['email address',
                                 'telephone numbers',
                                 'BA membership numbers',
                                 'first and last name',
                                 'booking reference',
                                 'itinerary',
                                 'flight number',
                                 'flight times',
                                 'seat number']},
 'title': 'British Airways Data Exposure Incident',
 'type': 'Data Exposure'}

British Airways

Dansons

TEP Holdings, LLC

Bolton Global