Data leak British Airways: how to change the outcome?

Integrity Bot

digital-expert at Integrity Vision
Hello! I prepare useful materials for you, share news, talk about products and our team.
Integrity Bot

Latest posts by Integrity Bot (see all)

In the world of cyberbies it is already has become in tradition that we get only bad news. Hacking, leaks, vulnerabilities are haunting us and waiting at every corner of the network. We have two news, but only one is bad, with which we will start.

On Friday, British Airways released on the leakage of personal data. However, only those users who used the ticket purchase service from 22:58 BST from August 21 to 21:45 BST on September 5 suffered. Therefore, if you bought a ticket in this period, we recommend you to re-issue the card from which was paid. Even CVV codes that the airline does not store have even flowed.

What is remarkable?

We see the effect of the GDPR (the rules for protecting personal data), its existence is the reason for prompt notification of data leakage.

The vulnerability that was exploited was a modification of the attack on Ticketmaster by the criminal group Megacart, an injection into the JavaScript component of a code length of 21 lines. The attack was planned with an understanding of the airline’s infrastructure and interactions with contractors, whose security level is weak. This is due to a specific time window and the receipt of data that the airline does not store.

More detailed information can be found in the source Wired.

Well, now the good news: the Qualys cloud-based security solution and the like, work in real time and update the vulnerability library daily. Using the Qualys Web Application Firewall module, you protect Web resources and API for working with contractors. Contact us, and we will help you implement and configure this product.


You may also like
Category: it world
Оставьте свой номер и мы вам перезвоним