Financial data has been stolen from potentially hundreds of thousands of British Airways customers who made online bookings in recent weeks, extending a run of embarrassing technological mishaps suffered by the UK flag carrier.
The thefts occurred during a data breach that affected bookings made on the airline's website between 21 August and 5 September, parent International Airlines Group has confirmed.
Around 380,000 card payments were "compromised", it said.
“The breach has been resolved and our website is working normally," BA said in a statement. “We have notified the police and relevant authorities.
“We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers' data very seriously.”
In May 2017, the carrier suffered a massive computer system failure caused by a power supply issue near London's Heathrow, which stranded 75,000 customers at Europe's busiest airport over a holiday weekend.
Its CEO said at the time it would take steps to ensure such an incident never happened again, but in July it was forced to cancel and delay flights out of the same airport due to problems with a supplier's IT systems.
IAG said the data breach had been resolved and the website was working normally, and that no travel or passport details were stolen.
It was communicating with affected customers but advised any others who believed they might have been affected to contact their banks or credit card providers.
The airline had launched an investigation and notified police and other relevant authorities.
(Reporting by Sangameswaran S and Rama Venkat Raman in Bengaluru; Editing by John Stonestreet)
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.