British Airways has confirmed that cardholders’ CVV numbers were accessed during a recent high-profile data breach, but said the highly sensitive information was not being stored internally.
According to the company, the breach took place between 10:58pm on August 21 and 9:45pm on September 5, 2018, during which time the personal and financial details of 380,000 customers making or changing bookings through the company’s website or mobile app were accessible.
“Every customer will be fully reimbursed and we will pay for a credit checking service,” the company said in a statement.
“We take the protection of our customers’ data very seriously, and are very sorry for the concern that this criminal activity has caused.”
Request a Free Trial
As a trusted source of regulatory intelligence for the global payments industry, we enable organisations to manage the growing volume and velocity of regulatory risk with confidence, empowering more informed and effective decision making, in an efficient and cost-effective way.Take a Trial