ao link

 

Online card skim

Online card skim

“Since 2016, RiskIQ has reported on the use of web-based card skimmers operated by the threat group Magecart,” said the firm in a research note, issued on Tuesday (September 11).


“Traditionally, criminals use devices known as card skimmers — devices hidden within credit card readers on ATMs, fuel pumps, and other machines people pay for with credit cards every day — to steal credit card data for the criminal to later collect and either use themselves or sell to other parties. Magecart uses a digital variety of these devices.


“Magecart injects scripts designed to steal sensitive data that consumers enter into online payment forms on e-commerce websites directly or through compromised third-party suppliers used by these sites.


“Recently, Magecart operatives placed one of these digital skimmers on Ticketmaster websites through the compromise of a third-party functionality resulting in a high-profile breach of Ticketmaster customer data.


“Based on recent evidence, Magecart has now set their sights on British Airways, the largest airline in the UK.”


The group added: “As we’ve seen in this attack, Magecart set up custom, targeted infrastructure to blend in with the British Airways website specifically and avoid detection for as long as possible.


“While we can never know how much reach the attackers had on the British Airways servers, the fact that they were able to modify a resource for the site tells us the access was substantial, and the fact they likely had access long before the attack even started is a stark reminder about the vulnerability of web-facing assets.”

Criminal investigation

Criminal investigation

A British Airways spokesperson said: “As this is a criminal investigation, we are unable to comment on speculation.”


The theft is being investigated by the National Crime Agency, which said specialist officers from its National Cyber Crime Unit were working with BA to “gain a better understanding of the incident”.


“Our investigations into these types of incidents are often complex and take some time before the full details can be established,” said the NCA in a statement.


“We know ’opportunist’ criminals often use incidents like this to conduct secondary fraud attacks.

 

"Anyone who thinks they may be affected should remain vigilant of potential fraudsters seeking access to personal details. Any suspicious activity should be reported to Action Fraud.”

Sign up for weekday travel news and analysis straight to your inbox

Latest travel jobs

Assistant Manager - Birkenhead

Assistant Manager - Birkenhead

Travel Consultant - Wallasey

Travel Consultant - Wallasey

Store Manager - Cameron Toll

Store Manager - Cameron Toll

Competitions

Our Next Events

Luxpo 2024

Luxpo 2024

TTG Top 50 Travel Agencies 2024

TTG Top 50 Travel Agencies 2024

TTG - Travel Trade Gazette
For Smarter, Better, Fairer Travel
B Corp-certified
TTG Media Limited.
Place of registration: England and Wales.
Company number 08723341.
Registered address: 6th Floor, 2 London Wall Place, London EC2Y 5AU