A tech security company has claimed the credit-card skimming group behind the attack on Ticketmaster was also responsible for the British Airways hack announced last week.
Threat detection firm RiskIQ said that the BA hack, in which 380,000 customers’ data — including sensitive financial details — were stolen, was probably carried out by criminal group Magecart.
It said the BA attack was “similar to the one leveled against Ticketmaster with one key difference: instead of compromising commonly used third-party functionality…Magecart operatives compromised the British Airways site directly”.
According to RiskIQ, Magecart rewrote the BA’s sites code “to steal sensitive data that consumers enter into online payment forms”, rather than scooping up information directly from BA’s system. The attack was “a simple but highly targeted approach compared to what we’ve seen in the past with the Magecart skimmer which grabbed forms indiscriminately”.
RiskIQ’s research determined that Magecart had broken into BA’s site “several days before the skimming began” on August 21. The attack lasted for 15 days until September 5.
The attack was one of the worst since the introduction of new data protection rules in May because card verification value (CVV) codes were taken. CVV codes make it much easier for cards to be used.
BA said: “As this is a criminal investigation, we are unable to comment on speculation.”